www.koaa.com Open in urlscan Pro
13.32.25.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://koaa.com/
Effective URL:
https://www.koaa.com/
Submission: On April 20 via api (April 20th 2021, 9:14:13 am UTC) from CH

Summary HTTP 405 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 102 IPs in 9 countries across 84 domains to perform 405 HTTP transactions. The main IP is 13.32.25.122, located in United States and belongs to AMAZON-02, US. The main domain is www.koaa.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.

This is the only time www.koaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.9.66.37 65.9.66.37	16509 (AMAZON-02) (AMAZON-02)
6	13.32.25.122 13.32.25.122	16509 (AMAZON-02) (AMAZON-02)
16	13.32.25.46 13.32.25.46	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:2600:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	13.32.25.20 13.32.25.20	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.25.103 13.32.25.103	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:298::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:5c00:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
17	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
2	104.84.56.24 104.84.56.24	16625 (AKAMAI-AS) (AKAMAI-AS)
10	13.224.102.90 13.224.102.90	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	37.48.77.133 37.48.77.133	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	13.224.96.38 13.224.96.38	16509 (AMAZON-02) (AMAZON-02)
1	34.249.123.233 34.249.123.233	16509 (AMAZON-02) (AMAZON-02)
2	99.86.2.98 99.86.2.98	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1 3	13.224.102.56 13.224.102.56	16509 (AMAZON-02) (AMAZON-02)
4 6	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:211... 2600:9000:211e:4200:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:5200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
22	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
8	89.149.201.75 89.149.201.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 2	165.227.252.242 165.227.252.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
16	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	35.173.69.207 35.173.69.207	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 12	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5 7	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
8 10	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2600:1f18:612... 2600:1f18:612b:4216:b3d7:e742:13a8:bd05	14618 (AMAZON-AES) (AMAZON-AES)
8 8	52.58.146.86 52.58.146.86	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.17.140 18.159.17.140	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 6	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
16 19	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	213.155.156.166 213.155.156.166	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	87.98.128.108 87.98.128.108	16276 (OVH) (OVH)
2	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2606:4700:303... 2606:4700:3039::6815:c035	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2 21	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
2 2	52.30.184.164 52.30.184.164	16509 (AMAZON-02) (AMAZON-02)
9	3.141.126.26 3.141.126.26	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
6	13.224.102.57 13.224.102.57	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:710... 2a02:26f0:7100:1aa::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	35.158.19.244 35.158.19.244	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:1f18:612... 2600:1f18:612b:4232:d8ff:eb32:9f2d:cd3f	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:20:... 2606:4700:20::681a:336	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.102.63 13.224.102.63	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	52.49.202.212 52.49.202.212	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 3	18.202.255.125 18.202.255.125	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:69::8	15169 (GOOGLE) (GOOGLE)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	13.224.102.24 13.224.102.24	16509 (AMAZON-02) (AMAZON-02)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
405	102

1 65.9.66.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

koaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.25.122 (United States)

ASN16509 (AMAZON-02, US)

www.koaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.32.25.46 (United States)

ASN16509 (AMAZON-02, US)

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2600:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.25.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-20.fra56.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.25.103 (United States)

ASN16509 (AMAZON-02, US)

videoads.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:298::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5c00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.224.102.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-90.zrh50.r.cloudfront.net

yummy.consumable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.48.77.133 (Schoonhoven, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

engine.bannersolution.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-38.zrh50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.123.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.2.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-98.fra6.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.102.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-56.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.149.201.75 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.bannersolution.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.227.252.242 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.173.69.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-69-207.compute-1.amazonaws.com

www.tickcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.20.241 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.38 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pbs.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.58.146.86 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.3.30 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.18.98 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.166 (Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.128.108 (France) 2 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c035 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.44 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.39.188 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.202.251 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.107.212 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.184.164 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.141.126.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.102.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-57.zrh50.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:1aa::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20234.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.19.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:d8ff:eb32:9f2d:cd3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

vtrdn-wjdav.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:336 (United States)

ASN13335 (CLOUDFLARENET, US)

v.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:236 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-63.zrh50.r.cloudfront.net

p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.234 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.202.212 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.202.255.125 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:69::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednse.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-24.zrh50.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	doubleclick.net 17 redirects 4394967.fls.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	427 KB
50	pubmatic.com 2 redirects ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com hbopenbid.pubmatic.com simage4.pubmatic.com aud.pubmatic.com	108 KB
41	googlesyndication.com pagead2.googlesyndication.com 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com tpc.googlesyndication.com 18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com ade.googlesyndication.com	220 KB
18	serverbid.com 2 redirects sync.serverbid.com e.serverbid.com	3 KB
18	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	277 KB
16	brightspotcdn.com ewscripps.brightspotcdn.com	2 MB
14	openx.net 3 redirects gift-connect-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net u.openx.net	4 KB
12	bannersolution.net engine.bannersolution.net cdn.bannersolution.net	67 KB
11	adnxs.com 8 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	10 KB
11	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com prebid-server.rubiconproject.com	32 KB
10	consumable.com yummy.consumable.com	238 KB
9	brid.tv services.brid.tv p.brid.tv c.brid.tv stats-dev.brid.tv Failed	217 KB
9	includemodal.com includemodal.com	2 KB
9	googletagservices.com www.googletagservices.com	284 KB
8	2mdn.net s0.2mdn.net	121 KB
8	bidswitch.net 8 redirects x.bidswitch.net	3 KB
8	yahoo.com 6 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	7 KB
7	casalemedia.com 5 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com as-sec.casalemedia.com Failed	6 KB
7	google.com adservice.google.com www.google.com	2 KB
7	koaa.com 1 redirects koaa.com www.koaa.com	385 KB
6	doubleverify.com cdn.doubleverify.com tps.doubleverify.com tps20234.doubleverify.com	95 KB
6	adform.net 6 redirects c1.adform.net	3 KB
6	quantserve.com 4 redirects secure.quantserve.com pixel.quantserve.com	11 KB
6	google-analytics.com www.google-analytics.com	39 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	334 KB
5	cloudflare.com cdnjs.cloudflare.com	27 KB
5	tickcounter.com www.tickcounter.com	10 KB
5	typekit.net use.typekit.net p.typekit.net	89 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	23 KB
4	traileraddict.com v.traileraddict.com cdn.traileraddict.com	45 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	semasio.net 2 redirects uipglob.semasio.net	2 KB
4	tapad.com 2 redirects pixel.tapad.com	1 KB
4	taboola.com 2 redirects trc.taboola.com match.taboola.com	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	fastly.net includemodal.global.ssl.fastly.net clarium.global.ssl.fastly.net	74 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	advertising.com 4 redirects pixel.advertising.com ads.adaptv.advertising.com Failed	1 KB
4	sonobi.com go.sonobi.com sync.go.sonobi.com apex.go.sonobi.com	2 KB
4	google.de adservice.google.de	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
4	ewscloud.com videoads.ewscloud.com api.ewscloud.com static.ewscloud.com	21 KB
3	bidr.io match.prod.bidr.io Failed	2 KB
3	adsrvr.org match.adsrvr.org Failed	1 KB
3	tremorhub.com 1 redirects pbs.publishers.tremorhub.com vtrdn-wjdav.ads.tremorhub.com	1011 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	fontawesome.com use.fontawesome.com	132 KB
3	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	66 KB
2	gvt1.com 1 redirects redirector.gvt1.com r3---sn-4g5ednse.gvt1.com	3 MB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	gumgum.com 2 redirects rtb.gumgum.com	674 B
2	playground.xyz 2 redirects ads.playground.xyz	977 B
2	dotomi.com pubmatic-match.dotomi.com	208 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	674 B
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com	1 KB
2	turn.com 2 redirects ad.turn.com	1 KB
2	nrich.ai 2 redirects dsp.nrich.ai	978 B
2	fiftyt.com visitor.fiftyt.com Failed	996 B
2	zeotap.com mwzeom.zeotap.com	1 KB
2	ad4m.at ad4m.at	2 KB
2	adgrx.com cm.adgrx.com	816 B
2	erne.co 2 redirects green.erne.co	649 B
2	criteo.com dis.criteo.com	588 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	10 KB
2	pymx5.com pymx5.com api.pymx5.com	10 KB
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	facebook.net connect.facebook.net	66 KB
2	media.net contextual.media.net hblg.media.net	88 KB
2	scrippsdigital.com assets.scrippsdigital.com	4 KB
2	cookielaw.org cdn.cookielaw.org	7 KB
1	brealtime.com biddr.brealtime.com	1 KB
1	createjs.com code.createjs.com	48 KB
1	simpli.fi um.simpli.fi Failed	609 B
1	deepintent.com match.deepintent.com Failed	44 B
1	contextweb.com bh.contextweb.com Failed	462 B
1	adition.com dsp.adfarm1.adition.com Failed	501 B
1	sentry-cdn.com browser.sentry-cdn.com	20 KB
1	emxdgt.com cs.emxdgt.com hb.emxdgt.com Failed
1	quantcount.com rules.quantcount.com	1020 B
1	googletagmanager.com www.googletagmanager.com	36 KB
0	digitru.st Failed prebid.digitru.st Failed
0	spotxchange.com Failed search.spotxchange.com Failed
405	84

	Domain	Requested by
21	simage2.pubmatic.com	2 redirects ads.pubmatic.com image6.pubmatic.com
20	securepubads.g.doubleclick.net	www.koaa.com securepubads.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net www.googletagservices.com yummy.consumable.com imasdk.googleapis.com
19	cm.g.doubleclick.net	16 redirects gift-connect-d.openx.net googleads.g.doubleclick.net u.openx.net
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.koaa.com srcdoc d25dfknw9ghxs6.cloudfront.net
16	e.serverbid.com	d25dfknw9ghxs6.cloudfront.net www.koaa.com gift-connect-d.openx.net ads.pubmatic.com yummy.consumable.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
16	ewscripps.brightspotcdn.com	www.koaa.com
14	image2.pubmatic.com	ads.pubmatic.com image6.pubmatic.com
14	px.moatads.com	www.koaa.com
10	yummy.consumable.com	www.koaa.com yummy.consumable.com
9	includemodal.com	www.koaa.com 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
9	www.googletagservices.com	securepubads.g.doubleclick.net 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com yummy.consumable.com
8	s0.2mdn.net	www.koaa.com s0.2mdn.net 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com imasdk.googleapis.com
8	x.bidswitch.net	8 redirects
8	cdn.bannersolution.net	srcdoc cdn.bannersolution.net
7	pubads.g.doubleclick.net
7	ib.adnxs.com	6 redirects yummy.consumable.com
7	ads.pubmatic.com	sync.serverbid.com ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com yummy.consumable.com
6	c1.adform.net	6 redirects
6	ups.analytics.yahoo.com	6 redirects
6	eus.rubiconproject.com	sync.serverbid.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com yummy.consumable.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.koaa.com www.tickcounter.com
6	www.koaa.com	www.koaa.com ewscripps.brightspotcdn.com
5	cdnjs.cloudflare.com	www.tickcounter.com
5	www.tickcounter.com	www.koaa.com www.tickcounter.com browser.sentry-cdn.com
5	pixel.quantserve.com	4 redirects www.koaa.com
5	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net imasdk.googleapis.com
4	services.brid.tv	yummy.consumable.com services.brid.tv
4	sync-tm.everesttech.net	4 redirects
4	uipglob.semasio.net	2 redirects ads.pubmatic.com
4	pixel.tapad.com	2 redirects ads.pubmatic.com image6.pubmatic.com
4	d5p.de17a.com	4 redirects
4	us-u.openx.net	gift-connect-d.openx.net u.openx.net
4	eu-u.openx.net	gift-connect-d.openx.net u.openx.net
4	sync.mathtag.com	4 redirects
4	pixel.advertising.com	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
4	engine.bannersolution.net	www.koaa.com engine.bannersolution.net
4	c.amazon-adsystem.com	www.koaa.com d25dfknw9ghxs6.cloudfront.net
4	use.typekit.net	ewscripps.brightspotcdn.com use.typekit.net
3	csi.gstatic.com	imasdk.googleapis.com
3	cdn.traileraddict.com	www.koaa.com yummy.consumable.com
3	cdn.doubleverify.com	s0.2mdn.net www.koaa.com cdn.doubleverify.com
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	secure.adnxs.com	2 redirects acdn.adnxs.com
3	match.prod.bidr.io	ads.pubmatic.com image6.pubmatic.com
3	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
3	match.adsrvr.org	gift-connect-d.openx.net ads.pubmatic.com u.openx.net
3	gift-connect-d.openx.net	1 redirects sync.serverbid.com yummy.consumable.com
3	stats.g.doubleclick.net	d25dfknw9ghxs6.cloudfront.net
3	sb.scorecardresearch.com	1 redirects www.koaa.com
3	use.fontawesome.com	www.koaa.com use.fontawesome.com
2	ap.lijit.com	2 redirects
2	rtb.openx.net	2 redirects
2	stats-dev.brid.tv	www.koaa.com
2	imasdk.googleapis.com	services.brid.tv imasdk.googleapis.com
2	p.brid.tv	services.brid.tv
2	tps20234.doubleverify.com	cdn.doubleverify.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.koaa.com
2	fonts.googleapis.com	yummy.consumable.com c.brid.tv
2	googleads.g.doubleclick.net	9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com www.koaa.com
2	rtb.gumgum.com	2 redirects
2	ads.playground.xyz	2 redirects
2	pubmatic-match.dotomi.com	ads.pubmatic.com
2	pixel-sync.sitescout.com	2 redirects
2	match.adsby.bidtheatre.com	2 redirects
2	ad.turn.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com
2	dsp.nrich.ai	2 redirects
2	visitor.fiftyt.com	ads.pubmatic.com
2	mwzeom.zeotap.com	ads.pubmatic.com
2	match.taboola.com	ads.pubmatic.com image6.pubmatic.com
2	trc.taboola.com	2 redirects
2	s.tribalfusion.com	ads.pubmatic.com image6.pubmatic.com
2	a.tribalfusion.com	2 redirects
2	ad4m.at	ads.pubmatic.com image6.pubmatic.com
2	cm.adgrx.com	ads.pubmatic.com image6.pubmatic.com
2	green.erne.co	2 redirects
2	dis.criteo.com	ads.pubmatic.com image6.pubmatic.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	z.moatads.com	securepubads.g.doubleclick.net
2	image6.pubmatic.com	ads.pubmatic.com
2	a.sportradarserving.com	2 redirects
2	pbs.publishers.tremorhub.com	1 redirects www.koaa.com
2	sync.go.sonobi.com	www.koaa.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	secure-assets.rubiconproject.com	2 redirects
2	9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	www.koaa.com yummy.consumable.com
2	sync.serverbid.com	2 redirects
2	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	connect.facebook.net	www.koaa.com connect.facebook.net
2	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net includemodal.global.ssl.fastly.net
2	assets.scrippsdigital.com	www.koaa.com
2	cdn.cookielaw.org	www.koaa.com d25dfknw9ghxs6.cloudfront.net
1	ade.googlesyndication.com
1	biddr.brealtime.com	yummy.consumable.com
1	u.openx.net	yummy.consumable.com
1	r3---sn-4g5ednse.gvt1.com	www.koaa.com
1	redirector.gvt1.com	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	fonts.gstatic.com	fonts.googleapis.com
1	c.brid.tv	services.brid.tv
1	v.traileraddict.com	yummy.consumable.com
1	hbopenbid.pubmatic.com	yummy.consumable.com
1	vtrdn-wjdav.ads.tremorhub.com	yummy.consumable.com
1	apex.go.sonobi.com	yummy.consumable.com
1	prebid-server.rubiconproject.com	yummy.consumable.com
1	dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	clarium.global.ssl.fastly.net	www.koaa.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	code.createjs.com	s0.2mdn.net
1	18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	um.simpli.fi	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com image6.pubmatic.com
1	bh.contextweb.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	ads.pubmatic.com
1	ajax.googleapis.com	www.tickcounter.com
1	browser.sentry-cdn.com	www.tickcounter.com
1	cs.emxdgt.com	sync.serverbid.com
1	go.sonobi.com	sync.serverbid.com
1	api.pymx5.com	pymx5.com
1	rules.quantcount.com	secure.quantserve.com
1	static.ewscloud.com	www.koaa.com
1	p1.parsely.com	www.koaa.com
1	hblg.media.net	www.koaa.com
1	pymx5.com	www.googletagmanager.com
1	secure.quantserve.com	www.koaa.com
1	mb.moatads.com	sejs.moatads.com
1	cdn.parsely.com	www.koaa.com
1	contextual.media.net	www.koaa.com
1	sejs.moatads.com	www.koaa.com
1	www.googletagmanager.com	www.koaa.com
1	p.typekit.net	use.typekit.net
1	videoads.ewscloud.com	www.koaa.com
1	d25dfknw9ghxs6.cloudfront.net	www.koaa.com
1	koaa.com	1 redirects
0	prebid.digitru.st Failed	yummy.consumable.com
0	as-sec.casalemedia.com Failed	yummy.consumable.com
0	hb.emxdgt.com Failed	yummy.consumable.com
0	ads.adaptv.advertising.com Failed	yummy.consumable.com
0	search.spotxchange.com Failed	yummy.consumable.com
405	147

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
scripps.com
www.courttv.com
www.grittv.com
www.bouncetv.com
www.laff.com
scripps.wd5.myworkdayjobs.com
www.dontwasteyourmoney.com
support.koaa.com
assets.scrippsdigital.com
publicfiles.fcc.gov
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.scrippsdigital.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.ewscloud.com DigiCert SHA2 Secure Server CA	`2019-08-02` - `2021-10-13`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.consumable.com Amazon	`2020-09-23` - `2021-10-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.bannersolution.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
e.serverbid.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
www.tickcounter.com R3	`2021-04-10` - `2021-07-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
includemodal.com Amazon	`2020-11-15` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
brid.tv Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-13` - `2021-06-22`	2 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 65 frames:

Primary Page: https://www.koaa.com/
Frame ID: 1A70D0B8BE4F239B96C3EE6F76A3458E
Requests: 104 HTTP requests in this frame

Frame: https://engine.bannersolution.net/?869099478&iframe
Frame ID: 8A224336E8A75AA683FE5886511B7631
Requests: 4 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F
Frame ID: FAF93B86AD6BBA44D1555FA2F0926B71
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Frame ID: 8001CA5166F85813E817DCBD98EA0A2A
Requests: 8 HTTP requests in this frame

Frame: https://www.tickcounter.com/static/js/loader.js
Frame ID: 94742DC69957D66277D9F83EB85E9698
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: B15C6E483DE8644D98A29BF6AF836263
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: FC7A9865AA48056ED92F6C2DFEC8E34E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 4F903C0578EF8DDFA528DB8670F308A4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: D363FDDEED8EE80A5165AFE77A72C0D3
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: C0509689CDD5FDC50EA15D1277C161D0
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4DB4D8AF98D495015BA2E3C77EFAB4FB
Requests: 25 HTTP requests in this frame

Frame: https://www.tickcounter.com/widget/countdown/1335240
Frame ID: 13FE17F79B0373D1BC865B0ECF5D5ADD
Requests: 12 HTTP requests in this frame

Frame: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Frame ID: 118F44E054D76D70169C5936FB7B1AAE
Requests: 13 HTTP requests in this frame

Frame: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FBC407B55981A585CD15257E812C985
Requests: 20 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: F165561AE5F7C31AEDBDBD1ACB5CC091
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6D0E8DEACE0BE9AEEC48DAC5C64C5D7E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3325904684894971257
Frame ID: 29F972A1CE838EFC215E397196150A8C
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: FE1756DBD83F527DA7067DCFE22718DA
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 33CD9752165E71F1635B1EA483985D5D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9gtAOcAXgxnVO7ka1t0nWrCJ
Frame ID: 77ACDA6BB86DD796C797C4181144D9F3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E065271B0AD09E9C248AF410981B77AA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 22D7BCA9A2D4C3DD10CC984B358F1E78
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BDE593DF5D87FA3F5879D1E983B8137A
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Frame ID: 783E72C28CC516AC879AC6B3DDBA4E00
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 97C17B378814744AE44CE7CFA90CC44B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 12136EF83A0D3405FF9CEAAA1C8C7A02
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 09A276CBFB88300B116B0CB54DF66A2F
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=98B9BCDA-2B79-472B-9E66-52F9E1958C44
Frame ID: 2204E83654053AF7F001ECFAC7578FE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w
Frame ID: 3B461D6860530038BFDE3E33E5044EBC
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Frame ID: 238BA084597144DE7ADEEB331575D064
Requests: 51 HTTP requests in this frame

Frame: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
Frame ID: 825F7245713AF81B262299F071C2034B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8FFA3538E19B58017110ECF661EA59B7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1165.js
Frame ID: F7561AFFAA5E9259C799821A987A5FD0
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZYpvQwWQ_rLt5mA5NiUlFf-Tocx5ItX2JzQybj6SsWm9XJ3ZgzSXw_A8YgK_k19I7LDjdHZIqN2r-dLc2Ot3S1HnvuiWaLSXA4vGoTY3J8AfiIJGep-QsE-A8dOyWp1Fl8sjcvk1zSCIZBluVylJkgTZ3dDekLrR7DQJSQ-sZbLmGYF0In4K0zFEjgHhXWh-Hl7J8EJk8ErALNLJk2oqtT02n7TuibBHwceyJq-iKLHigl2caPwsVmrm_OWG1ivX8TuXfyHLLN34-CIDI8104u-hByRAd8anH-AZnARzW_SwFf7RXujSjWZXPEl__PglVJlwQJLDQCoHPZxvIImD1Ek_Ji9kvo7PSRSy7bLcEVguyLql8JnDYy_s&sig=Cg0ArKJSzNaByB0B8NzbEAE&urlfix=1&adurl=
Frame ID: 1719291297AB07D52DEE64250CDF5F06
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 09BBFF47B4CBA595921FC4BF72C1F827
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: DA259512B999B9C2F95399F815EFD75A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7C78CE755A581946413AF9CF3E4FC84A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AB7867568BFDFC441EF772B218A4A3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: ACA0F28C60D838C042500985D8B81F29
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkfXCPmreiV6hRKis_Lte3kem3NlILmnrZjIgNu1vwOeklIy-JslGiJy8Uxvr_CEXosKSTLryvoMyKVjytvVojGpwyznJ_jHnCJAZ_ELZHgOoBTeq89UXH2d72D2TB1XRtEHao8uNz-5CYLkZhav9wSAjJecbfQkoibV9h7j4CRzf2xF9TS7xGPRmNW2fQVHlin6sZNxNOJXxfv2ICdhtq28aK7Qy8T2Ze2vkPbDPUGomyPaM4B_dtoQtFnKdkY8MEwvVjJyfwokd6IPi-b7vggH5wC5NTtbXOmW7j0LuwKbZdn3KV1CJ4KlaYdWZwD50QS_AFfGb5sgJRHaKZ4uTxabMEhMRp9vc&sig=Cg0ArKJSzB7E-RjrFdoNEAE&adurl=
Frame ID: B9546874B212C72575DFE16D547795E5
Requests: 8 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 8E3DD0FC8ED54B219BD37C242BFDD316
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html
Frame ID: 3932B04668F9A41D3F5A086A1A30C388
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 71FC72B11A24A8E03C54F284913ACBB1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 117A98C2056DD00BCE393AEC2FA1146C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 62FFB7187348FD54C6CE2A822400273C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 00DC24B66C493900C89B074A56068312
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 42F045F5F09EBA772CE93943E79EA4C8
Requests: 25 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D6E873B307F9FD258DA507A327752E34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4812760320819240441
Frame ID: 6F9EBD8E6EC5E50C687142D5CBB787CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953165646913140885
Frame ID: CE9A57F6521F333571373E11FD843E8D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: FDEF64F16B6E408FD2F155999C157DC3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bIeiiNaRbmamriWcdxKkWrCJ
Frame ID: 38AF4B5E5409CC8F09A01420B1BD2BEF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 140964D741682B6B2F4615082197E003
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 5D192D301B1B5E35DC50B731A807360E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C487936EE4C415FC4E30C017BADA2A23
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=gu5yissOqMuP&pid=557219
Frame ID: 8B510C2BAC3662DE86927524E7B5B433
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 112F93FE8C1FC8CCF31C70FFAFB6BCBB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 095CA438FBBF884369D8FB4842E2FF4B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 6DBD08656746F3E316A07E8FE52B72F3
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=22E346B5-7ED3-4939-B290-170E728F06B5
Frame ID: 3CC4E264182255F74CA2ED6CB011FA6F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F4AD5475617656D692F4D0B4DD3190DD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E9CF723071A26F7ED5181C0C39A3600F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 84D92BA7FD7085778F45D8B73A7C763A
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1BA284BF3686CBF4943B93412B556B68
Requests: 7 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 23F75927474E4C0242F4F1FD65CF2284
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://koaa.com/ HTTP 301
https://www.koaa.com/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

405
Requests

96 %
HTTPS

32 %
IPv6

84
Domains

147
Subdomains

102
IPs

9
Countries

8386 kB
Transfer

15952 kB
Size

34
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCUknL1K-YGAa5sIss9t0_ug
Title: News5 on YouTube

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: KOAA Careers

Search URL Search Domain Scan URL

URL: https://www.courttv.com/
Title: Court TV

Search URL Search Domain Scan URL

URL: https://www.courttv.com/mystery/
Title: Court TV Mystery

Search URL Search Domain Scan URL

URL: http://www.grittv.com/
Title: Grit TV

Search URL Search Domain Scan URL

URL: https://www.bouncetv.com/
Title: Bounce TV

Search URL Search Domain Scan URL

URL: https://www.laff.com/
Title: Laff TV

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: http://support.koaa.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/koaa-tv
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KOAA
Title: KOAA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/koaa_5/
Title: koaa_5

Search URL Search Domain Scan URL

URL: https://twitter.com/koaa
Title: koaa

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://koaa.com/ HTTP 301
https://www.koaa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9=

Request Chain 78

https://sync.serverbid.com/ss/2000248.js HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Request Chain 96

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 100

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D HTTP 302
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Request Chain 101

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bS82JOoztvXnv4ZUfhAAA%261219

Request Chain 102

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7564398976023552319

Request Chain 103

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb67383ea-a1b8-11eb-bee4-06169fe39a36 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb67383ea-a1b8-11eb-bee4-06169fe39a36&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb67383ea-a1b8-11eb-bee4-06169fe39a36

Request Chain 105

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

Request Chain 106

https://x.bidswitch.net/sync?ssp=consumable HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=consumable HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=consumable HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=957b1216-3410-4f4d-85e7-b5ce987d4246&ssp=consumable HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=72742c5c-3b7e-48e1-a0e3-aaf32201febe

Request Chain 110

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c900607e-9b4b-4d00-af64-e989b9727952

Request Chain 111

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=opKKTK3AiUu5kdsb8saQT6bEjku5xooZo5FIO4Cr

Request Chain 112

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3645758329275352415

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1&google_tc=

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-5BEUkEyh6ahBu-Zkb7uk&google_cver=1

Request Chain 141

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3325904684894971257

Request Chain 144

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9gtAOcAXgxnVO7ka1t0nWrCJ

Request Chain 147

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 150

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 151

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLm82it5RyueZlL54ZWMRA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 155

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OThCOUJDREEtMkI3OS00NzJCLTlFNjYtNTJGOUUxOTU4QzQ0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHmdWOaeg5OBGVr2sytPUQ&google_cver=1

Request Chain 161

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3645758329275352415

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c900607e-9b4b-4d00-af64-e989b9727952&gdpr=0&gdpr_consent=

Request Chain 163

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7564398976023552319&gdpr=0&gdpr_consent=

Request Chain 164

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=7ee2c8ab-b514-43d6-b5d3-e7e907446bca&expires=1&user_group=5&ssp=pubmatic&bsw_param=72742c5c-3b7e-48e1-a0e3-aaf32201febe HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 166

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=98B9BCDA-2B79-472B-9E66-52F9E1958C44&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YFQ0NM5E2uWoiBKFbLpnSEsIWdb0_v4-~A&gdpr=0&gdpr_consent=

Request Chain 167

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd

Request Chain 168

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3692686230139418417&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 169

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YH6bTAAASV2viAAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bTAAASV2viAAC&gdpr=0&gdpr_consent=&_test=YH6bTAAASV2viAAC

Request Chain 170

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f896923-4488-4699-9709-48fd45a4f380&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 171

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 173

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7564398976023552319

Request Chain 174

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b566dd68-1b64-426b-a515-c52a8a389666

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YH6bS82JOoztvXnv4ZUfhAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1

Request Chain 299

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 316

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9094176334211540787

Request Chain 317

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8

Request Chain 318

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bUVjkjSWNyLMZ7IQg6wAA%261216

Request Chain 319

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 322

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2db1a505-f77c-4f54-ad5c-25d49ca6fac2

Request Chain 323

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=bc7fc06725adf8310c7c1897

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECS8ZNfYpdLMgougBqhAtXw&google_cver=1

Request Chain 335

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3216024874481726658

Request Chain 336

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&gdpr=0&gdpr_consent=

Request Chain 337

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4812760320819240441

Request Chain 338

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9094176334211540787&gdpr=0&gdpr_consent=

Request Chain 339

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc

Request Chain 340

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953165646913140885

Request Chain 341

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGVlVrN0FfVGNBQUNwN3BCOTliZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 342

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b1795684-c1bd-405c-9f01-e753f7bbc748&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 343

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 344

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bIeiiNaRbmamriWcdxKkWrCJ

Request Chain 345

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9094176334211540787

Request Chain 348

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 349

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=gu5yissOqMuP&pid=557219

Request Chain 350

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe

Request Chain 352

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 353

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 355

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IuNGtX7TSTmykBcOco8GtQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IuNGtX7TSTmykBcOco8GtQ%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 357

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 358

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22E346B5-7ED3-4939-B290-170E728F06B5&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22E346B5-7ED3-4939-B290-170E728F06B5&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22E346B5-7ED3-4939-B290-170E728F06B5&addseg=19,36,42

Request Chain 359

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJFMzQ2QjUtN0VEMy00OTM5LUIyOTAtMTcwRTcyOEYwNkI1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJFMzQ2QjUtN0VEMy00OTM5LUIyOTAtMTcwRTcyOEYwNkI1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 361

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be92bea9-a5b8-4c39-84c8-6fce267e3a6c

Request Chain 362

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=6a580d9c-0b0b-4b67-b219-91e8ab667813&expires=1&user_group=5&ssp=pubmatic&bsw_param=a808d6e5-baa6-4e28-934f-1e59ac847241 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 364

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22E346B5-7ED3-4939-B290-170E728F06B5&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dYIV0MxE2uUwsjbNZV2MvgEWUcaLRC8-~A&gdpr=0&gdpr_consent=

Request Chain 365

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2881232158985878467&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 366

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YH6bUQAATF9iSQBg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bUQAATF9iSQBg&gdpr=0&gdpr_consent=&_test=YH6bUQAATF9iSQBg

Request Chain 374

https://redirector.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/8FC0BF27D31C2B4D195AFB802BBDBFDC708E0A8A.23E4E915BA26F7866967011703EC6A2EFADC8038/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednse.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3A03D51A57FB4E39A7657E838F5FB6F0B5F2FC7D.0E910AC6838EBED3B06650DB1203F20884BF7F91/key/cms1/cms_redirect/yes/mh/pi/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednse/ms/nvh/mt/1618909688/mv/u/mvi/3/pl/47/file/file.mp4

Request Chain 395

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f53f607e-9b51-4f00-bded-95eefbdf38b0

Request Chain 396

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pr2Y2jHvmo4lupzbOu-C2T3pn94lvczaP-gil0dg

Request Chain 397

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216024874481726658

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJzQZkiWf7t7B1LoLiDijU&google_cver=1

405 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.koaa.com/
Redirect Chain

https://koaa.com/
https://www.koaa.com/

301 KB
71 KB

41ms
10ms

Document
text/html

13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 4301a32c074c0c9f05a626a845b7501fe46a474e868666227c1184fdedec8a37

Request headers

Host: www.koaa.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Tue, 20 Apr 2021 09:11:09 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7; Path=/; HttpOnly
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: q7i4eNljiInPAuZNO31OS9HEtCUziwQT0NuRqFYdWNhfWVDrP7ub6g==
Age: 156

Redirect headers

Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=240
Date: Tue, 20 Apr 2021 09:13:35 GMT
Location: https://www.koaa.com/
Server: Apache-Coyote/1.1
X-Cache: Hit from cloudfront
Via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: LwZ1XLmrJBKlZSSbyHn4rWe9vZPoBCcUZ3MLyAa0tTCo-bqUpPrJjA==
Age: 10

GET
H/1.1 200
OK All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css
ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/ 154 KB
25 KB 31ms
10ms Stylesheet
text/css 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6127a41b0cb4ecdbf2b95669560589ee2cd011e730a7ecb10b3082017ac9d3d0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:19:11 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 17:19:10 GMT
Server: AmazonS3
Age: 57275
ETag: "665c7c82987707e4d070e697c42fcb30"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 25223
X-Amz-Cf-Id: UKShZNpWX2SFvKa_kxwSwsn1-uXIadgKPBnCYkrAhACXanNu_4h7Mg==

GET
H2 200 scsp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 134 KB
34 KB 23ms
7ms Script
application/javascript 2600:9000:2057:2600:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2600:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 20:14:21 GMT
server: AmazonS3
age: 58174
etag: W/"1315a3807c809bf51bb6f25ee163a270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date: Mon, 19 Apr 2021 17:04:12 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: dlmDJTirwzcywYGQ3fMIJM9rytip6J6a-jfzfUiKb42JiWQrpiDCcg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 32ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Apr 2021 09:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jSkN56qNMXaDzbRwUxPUng==
age: 375
vary: Accept-Encoding
content-length: 5801
cf-request-id: 099027adf30000d711e984a000000001
x-ms-lease-status: unlocked
last-modified: Mon, 19 Apr 2021 23:41:01 GMT
server: cloudflare
etag: 0x8D9038C976351E3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3ab47dc5-e01e-0031-0f81-358331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 642d42298d79d711-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 25ms
9ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.koaa.com
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 403
Forbidden square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/koaa/ 0
0 429ms
409ms Image
application/xml 13.32.25.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/color_schemes/koaa/square--144.png
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-20.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/cc26ff8/2147483647/strip/true/crop/400x133+0+0/resize/400x133!/quality/90/ 19 KB
20 KB 7ms
7ms Image
image/png 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/cc26ff8/2147483647/strip/true/crop/400x133+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa9%2F18%2Fe3e652be4a088413879ffc16038d%2Fkoaa-logo.png
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 48123cf29a674b797815343c767cfd0a0a2d2b5b09a88a35b089cc6c7b663cf0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 00:30:49 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6252176
ETag: 850c8a1a76de258ff9f450f09ee549e3
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 19646
X-Amz-Cf-Id: oDCNVhoc1X1qs06ysSTtZzGvPbnLa9LWI-44L_OPu1eKdbPAnEwtDg==
Expires: Mon, 07 Feb 2022 00:30:49 GMT

GET
H2 200 tsu4adm.css
use.typekit.net/ 18 KB
2 KB 21ms
7ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://ewscripps.brightspotcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 20 Apr 2021 09:13:45 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1657

GET
H/1.1 200
OK Blank.gif
www.koaa.com/styleguide/assets/ 57 B
474 B 15ms
7ms Image
image/gif 13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.koaa.com/styleguide/assets/Blank.gif
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.koaa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.koaa.com/
Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7
Connection: keep-alive
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 03:19:42 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 6501242
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
Content-Length: 57
X-Amz-Cf-Id: 1Gxxhv8F72jeg5cqUFNYO9S9Fy4oV4oUmmfHXUX4i54u9YbIznVm3Q==

GET
H/1.1 200
OK DA46469_STAS_Summer_Olympics_Tokyo_2020_300x100.jpg
videoads.ewscloud.com/agency/dca_projects/46000_48000/46469_STAS_Summer_Olympics_Tokyo_2020_DS/ 14 KB
14 KB 39ms
8ms Image
image/jpeg 13.32.25.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videoads.ewscloud.com/agency/dca_projects/46000_48000/46469_STAS_Summer_Olympics_Tokyo_2020_DS/DA46469_STAS_Summer_Olympics_Tokyo_2020_300x100.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f189a6458a3cf9f123e7c977d9f7d631d64859613706311f4169499247e85c01

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GHwOKztMDFL8Z1Kf6gTapTIIzWtfCZLT
Via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
Last-Modified: Fri, 02 Apr 2021 20:55:31 GMT
Server: AmazonS3
Age: 241
ETag: "850703beddd99ea692cbe4232e90b197"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Date: Tue, 20 Apr 2021 09:13:35 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 14123
X-Amz-Cf-Id: WyOG7btxIbOnq6CFbMpvwSMZRKi0Ddkyced2BLXe5tkc-aYOwaF6fg==

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 38ms
7ms Image
image/png 13.32.25.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 76021
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Mon, 19 Apr 2021 12:06:45 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: EQzygtKbZym0X_FrPGuYVDSSDVhh8QoS67VIgECv-akvYxsVUvUKQA==

GET
H/1.1 200
OK All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/ 1 MB
107 KB 22ms
12ms Script
text/javascript 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db137a6af0c93b9e8a4303780ce166ecd74bd208e7f55f0f79ea741c88f8e9b3

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:19:11 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 17:19:10 GMT
Server: AmazonS3
Age: 57275
ETag: "87f1353cb36e02a7e648b195952fcc3c"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 109265
X-Amz-Cf-Id: BKKEE02dYRjbSAZUXnsuPfN9vlQfTGNC8Ms6xvL353FTZZkOcKp8nQ==

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 23ms
7ms Stylesheet
text/css 2a02:26f0:7100:298::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:298::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
last-modified: Fri, 06 Nov 2020 01:41:46 GMT
server: nginx
etag: "5fa4a9da-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
36 KB 60ms
52ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVPRQZQ

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2917e43bcced97aaa9ee01f478e34e859a3c9803fe5359c4645bd1476365abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36383
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:45 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 47 KB
16 KB 34ms
8ms XHR
application/javascript 2600:9000:2057:5c00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5c00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2029b43811b3fc809323aeedc380d77e061fa58d500fed32e174d1b7f046c817

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:00:14 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 4411
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: *
x-amz-cf-id: 1Pr8-tKDU4LJmRbxpspurFLZxzRP3z8yMvz-fPvh8T4_RzoVAEnipA==
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
773 B 31ms
18ms XHR
application/xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

485184aa02356172ca92a02ff02816425b7c207e6c1c6a2d05a7c8a2eafec22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167
vary: Accept-Encoding
cf-request-id: 099027ae88000097721136c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: e40f766f-801e-010c-7cc5-357042000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 642d422a7eec9772-FRA

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 195 KB
69 KB 59ms
31ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:45 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: C1832DF8E3A57C84
ETag: "bf99df8799c52d25f9335eccaa199ccd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=16363
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: skebZoqQsE/Okuc2Lo8muEoerAvL8QTuDeTC5rI1a6HWL+GbLoMn0ye3ODMXieFJNpw6Fom4Ruc=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 125 KB
33 KB 104ms
20ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 22:34:17 GMT
content-encoding: gzip
server: Server
age: 38368
etag: 24ac8c0f0d59670e43bc0b1990070642
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: bUaPP2RtxjS95_NJgmCVBjhAaNU4P77K
x-amz-cf-id: 3EXsy0he0iakSgsvOcbVDlREi5jRsgJyXKn1KiGK9yG1xAni-2rlpw==

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 426 KB
88 KB 96ms
69ms Script
text/javascript 104.84.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CU6Q6626&dn=www.koaa.com&version=4.1&https=1

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f3a2e1fd1584db96511ebdb54441671a50535fa5dd1d4211fe4c5a7e17853709

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 20 Apr 2021 09:13:45 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Tue, 20 Apr 2021 09:43:45 GMT

GET
H2 200 consumable-cdn.js Show response
yummy.consumable.com/standalone/ 83 KB
22 KB 107ms
18ms Script
application/javascript 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/standalone/consumable-cdn.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:03 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2019 13:41:28 GMT
server: AmazonS3
age: 99
etag: W/"c70b09cf7daf3f6e63265fcf7dce428b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: a6fnRZ0B4-pGEDswMwEtj8a-iY8Ysh7nxpfGfes7LFYUz6CE4kBz5Q==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c8a8c60ca7b9df552cf44c2df2866680f73f88c291a1d85f5a52cdd11f8e892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cXxZ+dVFPXElnppA9tju2Q==
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Apr 2021 09:29:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: 615A1LAq67Ez7JPtiVnUn1/dTY2nmtZiCxCQ5m75n0xKRs4jg2OTeQfImh0Ip0r3cOibfHe+qSlTE6h1H829vQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cb7f987dde0f32c66e18c428d0d624f3
date: Tue, 20 Apr 2021 09:13:45 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9c8fad16b801215b3676cda1c49df83d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
engine.bannersolution.net/ Frame 8A22 11 KB
3 KB 96ms
9ms Document
text/html 37.48.77.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bannersolution.net/?869099478&iframe
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.48.77.133 Schoonhoven, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: b3f7f91ff3b3cc55275bff2859dcd08962e5e34aac3d77e5f40e8beffe2cc272

Request headers

:method: GET
:authority: engine.bannersolution.net
:scheme: https
:path: /?869099478&iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-store, no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
link: <//cdn.bannersolution.net>; rel=dns-prefetch
content-encoding: br

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/e8b3dea/2147483647/strip/true/crop/1141x642+15+0/resize/1280x720!/quality/90/ 914 KB
915 KB 47ms
26ms Image
image/png 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/e8b3dea/2147483647/strip/true/crop/1141x642+15+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fcf%2F85%2F8108a5d446fb962f4de49261f934%2Fscreen-shot-2021-04-19-at-11.07.42%20AM.png
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 85d28f9b9d2637758eebe28d657e3ef7cd3a480634c8d23886dfd33f862fe245

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:35:00 GMT
Via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 56324
ETag: 7c485c09e4a2389a436bbc1a14140ef7
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 936278
X-Amz-Cf-Id: lDezNXH0J0R66zgItzZtwAQVZXNIEl11fPrvVlwhjIPoSxEp6L2OYA==
Expires: Tue, 19 Apr 2022 17:35:01 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/b94b5e9/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 144 KB
145 KB 81ms
9ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/b94b5e9/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F62%2F17%2F8290b3274e49aaedb4414a9c5002%2Fdma.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 51d1f2e7670b557b1b312fe042640c777a68e7eb663b1eff53cefb957edbad03

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 13:03:46 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 72599
ETag: e6fc431fe29383d9c8d61f4a27d58d1c
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 147791
X-Amz-Cf-Id: 1i8XpRh60y1Ses2uX1GlpEYea4HtlR1N1jqrMUUk2BOYCbgmcqs-JQ==
Expires: Tue, 19 Apr 2022 13:03:46 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ee07560/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 193 KB
193 KB 91ms
33ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ee07560/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fdf%2F02%2F746e7b8d4e36823adc2d311355ae%2Fsolar-main-1.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 15c89258ac60abfacc2f4bf75d2495571f0c33afeb68cbd12c21b97dfb2090d5

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 00:00:25 GMT
Via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 33200
ETag: a0165c45ddae0a0ce89ff9c02f71b741
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 197337
X-Amz-Cf-Id: D-0FwpZ5_jye4vd9jiajsoDVBMh8o-amAi8Qwe1MowgOM7LkwK9C7g==
Expires: Wed, 20 Apr 2022 00:00:25 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ac4b81b/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/ 68 KB
68 KB 88ms
30ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ac4b81b/2147483647/strip/true/crop/4032x2268+0+378/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fee%2F72%2F1d1137414c39a5a1ad36dcc75546%2Fimage-from-ios.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 57d477289405fa89bcf748f76a4a9742045557c0a678a0e1379cfb889e3c15e7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 01:57:52 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 26153
ETag: 27cd14e5a05aa471f7c453ff360110d9
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 69571
X-Amz-Cf-Id: yYjeq5nFeflbqmrUQ6XmdBxUT1OjdclZ-ornaLs9s-oDikfOrqTOVA==
Expires: Wed, 20 Apr 2022 01:57:52 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/92bf30d/2147483647/strip/true/crop/6000x3375+0+313/resize/1280x720!/quality/90/ 251 KB
252 KB 66ms
10ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/92bf30d/2147483647/strip/true/crop/6000x3375+0+313/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F04%2Fe4%2F6cb20e61490c962ce3cb011b674d%2Ffloydmural.jpeg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fb42412562a078c6b585cd6dc433b18992adb7cd2f6b18f2c0d06f191fe836d2

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 23:01:58 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 36706
ETag: a2cc94a745e0d97abf187b245641419f
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 257496
X-Amz-Cf-Id: Q7pvwYJ-6diTiGHwBFJwAPXuYLxuvjyJaA0j3s08ClvujxJhxADfSQ==
Expires: Tue, 19 Apr 2022 23:01:59 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/9bdc7e3/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 162 KB
162 KB 93ms
8ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/9bdc7e3/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff3%2F94%2Fb7653f8b4bec934235d336413a99%2Fsurvey-vaccine-open-fsg.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: aaacb8a03a57a0e8c4898abf80595a0b792a2005fcc65a4476b4ffda458bff28

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 15:54:17 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 62368
ETag: af2a197ab71527ffb2119a76f5617106
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 165786
X-Amz-Cf-Id: R7-BpDNHIA1qTTe-rkWB__Abpj4m-zdEgUyc-4T-y_LotcKq9wDBUA==
Expires: Tue, 19 Apr 2022 15:54:17 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 16ms
7ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.koaa.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 36ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Origin: https://www.koaa.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33568

GET
H2 200 l
use.typekit.net/af/d82519/00000000000000003b9b306a/27/ 20 KB
20 KB 37ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d82519/00000000000000003b9b306a/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966

Request headers

Origin: https://www.koaa.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
server: nginx
etag: "fd8402d37106f684ec19a13afdcc4e7f3508fe4c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20356

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 46ms
33ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Origin: https://www.koaa.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34344

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 47ms
38ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.koaa.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:45 GMT
last-modified: Wed, 20 Jun 2018 20:19:30 GMT
server: NetDNA-cache/2.2
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 63376

GET
H2 200 p.js Show response
cdn.parsely.com/keys/koaa.com/ 73 KB
26 KB 197ms
18ms Script
application/x-javascript 13.224.96.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/koaa.com/p.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-38.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 13ff01508e9e4f1a98273cd84a35da402b3c384276b4efba5aad14fb68318180

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 19 Apr 2021 13:34:34 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 18:09:10 GMT
server: nginx
age: 70751
etag: W/"601ae6c6-12232"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KCLp30BSVj_V54JaIDk5Hlz4E2mMQMPnL_2FNVvUIH8pteukbJj6dA==
expires: Tue, 20 Apr 2021 13:34:34 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/ce82450/2147483647/strip/true/crop/2048x1152+0+192/resize/320x180!/quality/90/ 15 KB
16 KB 20ms
10ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/ce82450/2147483647/strip/true/crop/2048x1152+0+192/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F13%2F4d1dabb54d7bb797dec595f28bf2%2Fmobile-vaccine-bus.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2f50684160db25af98afa3d4fe86a02032758c200e7d661ecee5eca14616e799

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Apr 2021 16:55:09 GMT
Via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 1268316
ETag: cfcef4514910f1fc52992afa5cd62e00
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 15804
X-Amz-Cf-Id: Ju9d1shDJwpjSGzWVoUzzWyDFOd9lSyvCiXxKspdpd9-5TTHEYsF3g==
Expires: Tue, 05 Apr 2022 16:55:09 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/82c9708/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 12 KB
13 KB 47ms
30ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/82c9708/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc1%2F4a%2F1404c8664c9f9bd7eec5fd360885%2Fusafa-soc.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d227a87beb54f6759bd639c65a3d46f0dbf02eec99ed3b461619a4bdbe176c90

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 06:23:20 GMT
Via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 10225
ETag: b38ba8cfaa475f5ef4dddcc5fbc899d3
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 12565
X-Amz-Cf-Id: bh9JkB-r9-08Cx2nR5fAED4IVBwSac6Cc24GxGqLbQ0ixxfs9t1sBg==
Expires: Wed, 20 Apr 2022 06:23:20 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/a8716f5/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 14 KB
14 KB 46ms
30ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/a8716f5/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F017%2Fb2da66f716dc47439b09dfbbeb8a98d1%2F017aa93ef84f42fc90994e76fe964e86%2Fposter_5d088abe36af4e79a9f404a008f5d60f.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8c4bbb725b9841108d806a44ccf23bc6f369d2e7f325941b0871498473cac1dc

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 04:28:46 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 17099
ETag: df69e65aad01adf92b02b5c8576d1a20
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 13994
X-Amz-Cf-Id: _0oQ8-wNN2_zdsgRDSBOnzhLHHyufjIsh6anhO05RSbr_U4sbufWWw==
Expires: Wed, 20 Apr 2022 04:28:46 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/a41c87b/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 13 KB
14 KB 31ms
26ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/a41c87b/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F22%2Fd5%2F2220362d4c27b2df1a23d8c5e9bb%2Faf-football-fan.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a26d702b27731190494cc024a3815a9b86123b921bbb8c2547de2a52237fd2be

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 04:28:47 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 17098
ETag: 8457cb8d2f1e6e404e798f4f0f07e6a3
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 13306
X-Amz-Cf-Id: UB2vEt13MexWJtzufIdexGZ0DfGb-23KJkyeNmL00gAcaku0w9ju5w==
Expires: Wed, 20 Apr 2022 04:28:47 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/d694e3d/2147483647/strip/true/crop/5184x2916+0+270/resize/320x180!/quality/90/ 19 KB
19 KB 47ms
14ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/d694e3d/2147483647/strip/true/crop/5184x2916+0+270/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fa1%2Fcb%2F894887e24767a41caaf1c746f25e%2Fap-18117640002282.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3b4f0b2d84803872a7ae605569a0a3e55a47abb250fa420557a57ca579f1946e

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 04:28:50 GMT
Via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 17095
ETag: e41fc57f589bf16d7c9e0cdef25d3ebc
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 19240
X-Amz-Cf-Id: 9KqN8IVGJ92fmtuC-CgbD0xz9MdomfMm91MMwezM8l9ihhEp03c6pA==
Expires: Wed, 20 Apr 2022 04:28:50 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/9a4feda/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 21 KB
22 KB 44ms
14ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/9a4feda/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fae%2F1a%2F07b7a05e4ca2b72bdad377880a12%2Ftravel-impacts-041921.jfif
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b6ea3f723e214b7646d9b6c3e89619f209f729a58f74f58ca4443aaffe0d275e

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 01:44:23 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 26962
ETag: 28f9be1b78fadcd8d778c3d1d9dc8191
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 21493
X-Amz-Cf-Id: GOXwwl-hBTFJZJhyx6Z0Rsz6ZgV8fkD4wVbORG0wQAwED6_WTikX9g==
Expires: Wed, 20 Apr 2022 01:44:23 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/a818d29/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 53 KB
54 KB 14ms
13ms Image
image/jpeg 13.32.25.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/a818d29/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa0%2F78%2Fbda965b548f8ad5bfe5a1a21b03e%2Fja-promo-sidebar-480x360.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5ad95459be7613f5f4bd435d5a7fc55265fee5b86bdefb39bd5eadb7cbcc3d40

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 15:28:11 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4124734
ETag: 084dcd05b7aaa6ee873da371148e128b
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
Content-Length: 54563
X-Amz-Cf-Id: -d6rkvpgJEl8CLqkJrx-RW62DEvjcm8sTZj1igjEMFy_csvyuD8OtQ==
Expires: Thu, 03 Mar 2022 15:28:11 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 217 KB
64 KB 14ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=da1d6b6c3b16218c0ad40af3c1026d99&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaaaeb4522438f39641324e740212e05a991bc9c71e72fd5c77a5f013a6174a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.koaa.com
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bZp1RweiOkdMCMIE844kxw==
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Apr 2022 08:37:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65526
x-fb-rlafr: 0
x-fb-debug: CgZP6e97VshUks2gCHyHpGA05bbXmMgYouJUsmH+cKxbtMyhrY4p7yLIvVm13V1xNauR2+H9kJ0N7SOaOyNhIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9debf3cb0950a5b01c2f78aea6d139d9
date: Tue, 20 Apr 2021 09:13:45 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7ca8da8ba2cb406fbbf9df0cdee1ade8"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 yi.js Show response
mb.moatads.com/ 2 KB
3 KB 152ms
62ms Script
text/html 34.249.123.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_40312456
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.123.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: dc030345988f5d46c09d998dd5c8cc49bb6283d5f8ae31dc21422db7c4f48677

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "5dde80d8909e6f05c62a77f6ffabab687595b628"
content-length: 2505
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set weather Show response
www.koaa.com/ 94 KB
94 KB 18ms
8ms Fetch
application/json 13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koaa.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: de212bff4bdc406ec8148359035d00ec07a06bde5af96b14b9da14af80eb85dc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.koaa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.koaa.com/
Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7
Connection: keep-alive
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:36 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 8
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=5286833F59AFA73D6E7DFF51C5EBDE8B; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
X-Amz-Cf-Id: c3O295pg8KEynShENmtgfiwuIao3VdBXibtwJE_OUh1oEQiz3epKQg==

GET
H/1.1 200
OK Cookie set breaking-news-alerts Show response
www.koaa.com/ 73 KB
73 KB 35ms
16ms Fetch
application/json 13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koaa.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 3ff55a109889e9f4955e9b2d799d2d9dcc369ec010b0206398274b34604a6cd5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.koaa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.koaa.com/
Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7
Connection: keep-alive
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:35 GMT
Via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 9
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=0BE7F3847B2C8868F5C26C85ADFD6306; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
X-Amz-Cf-Id: QjNhRrEHxslffGscXZgkxxYV5b3uIcaKO6NqhkHNMTScSx82C4Jw_Q==

GET
H/1.1 200
OK Cookie set alerts Show response
www.koaa.com/weather/ 71 KB
72 KB 35ms
16ms Fetch
application/json 13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koaa.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 17c4b81dabfd36ca30e8f48f6b0218dafa1843ebecc4f6abec945ea4c2c66511

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.koaa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.koaa.com/
Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7
Connection: keep-alive
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:36 GMT
Via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 8
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=1D7E82B96827BF03DB5857A967482BF6; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
X-Amz-Cf-Id: 6BzAvSUzCBCx92aUcFB1Ui7U2TS0ab2zA-UAo3-oSZo-Hl3l47m1mA==

GET
H/1.1 200
OK Cookie set school-closings-delays Show response
www.koaa.com/weather/ 74 KB
74 KB 35ms
16ms Fetch
application/json 13.32.25.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.koaa.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: e3ff042b865c26b62b2e24e0394df07049bd931901fd1982d0d585038e7c1bb4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.koaa.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.koaa.com/
Cookie: JSESSIONID=920959B21A83606B8E72B2576F7A5DA7
Connection: keep-alive
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:35 GMT
Via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 9
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=BE04609E1826B5B5356F69B07FC78C4A; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
X-Robots-Tag: nofollow
X-Amz-Cf-Id: t35pgkM7Cz17QrYkj1XpK77PnprzkrGdTqOxJGnIrcvGGskTY-ZXhw==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.koaa/schedules/current/ 4 KB
4 KB 303ms
299ms Fetch
application/json 99.86.2.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.koaa/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-98.fra6.r.cloudfront.net
Software: /
Resource Hash: a05442bd9be96a8e1fe5e7b3541a22f0888ded3651c2732b96c484111f6448c9

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 310800ff-cff3-42df-94ad-c68f1377e3c5
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-607e9b4a-4cbdb7b879609ea02a03e68d
x-amz-apigw-id: eE0zqGg1oAMF7Pw=
content-length: 3933
x-amz-cf-id: ldw2pkyJhtbi4boQ2rVV4ffGZa1y_Nh68bxS1Fo_5DTzW5jdZEl5og==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
13ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1618910025868&de=388428463573&d=CRACKED_SCRIPPS_DFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d7-clean&iw=07d6456&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=koaa.com&bd=koaa.com&ac=1&bq=11&f=0&na=1421099605&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:46 GMT

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.koaa/schedules/current/ Frame 0
0 335ms
314ms Preflight
application/json 99.86.2.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.koaa/schedules/current/?type=web
Protocol: H2
Server: 99.86.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-98.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.koaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Tue, 20 Apr 2021 09:13:46 GMT
x-amzn-requestid: cd43fb5f-2659-4218-bd0c-fbc389e87d55
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: eE0znHjbIAMF4uw=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-607e9b4a-426687c85f3be88c6fa3c23d
x-cache: Miss from cloudfront
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: K2gwLyehgMNlR1SGUj-KQ8t-hj8gNMxA0alBS4VdRpuzRSLJdOnpfw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 50ms
17ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 18557
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Tue, 20 Apr 2021 04:04:30 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ks_hVo0fOyxkDFZQFmwYjmxZ3AA4u2CGp9RmI9X8HYNlXzRnElZBiQ==

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVPRQZQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4644
date: Tue, 20 Apr 2021 07:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 20 Apr 2021 09:56:22 GMT

GET
H3-29

200

activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F Show response
4394967.fls.doubleclick.net/ Frame FAF9
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F?
https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~o...

410 B
361 B

64ms
45ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVPRQZQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

c333ac4887b00fce807cf24b1a6787bf7f56069737c099cac04dd5b7f8bce9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4394967.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnysYKG3mwOkhwotL5QyeCdtZ38iePN4a_1-wq0XAWGJIe1JWR_LyHiXmtv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Apr 2021 09:13:46 GMT
expires: Tue, 20 Apr 2021 09:13:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 338
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Apr 2021 09:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 72ms
12ms Script
application/javascript 13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:50:47 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1380
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: MWiw50cSh17Aux1eMNGFKLKMbGBBsUKsrrIotgQ-EqghEKy1MuXliA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 50ms
31ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: gzip
etag: "9RlLmuIKdNbmR7Vwrq8Y0A=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Apr 2021 09:13:46 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 64ms
7ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVPRQZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:03:42 GMT
age: 604
x-guploader-uploadid: ABg5-Uwc-yByD26zrqjRm9YT4m-h3i5D0mkO7Oux4piXkz57x70HNvI5YcwCIYtmYYSckcGJqHRmAB1ZjTDCM-vHq5wAe0DWDw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1606731190093338
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 20 Apr 2021 10:03:42 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 27ms
9ms Image
image/gif 104.84.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&abte=SSP_CLIENT_control&adbd=0&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=koaa.com&servname=rtb-nv-dcos-ssp-10-6-46-125-2377&sd=1&svr=041409_223_041512_92_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001618910026110023720360963250&sspAbBucket=CONTROL&npa=0&lw=1&dapp=green&rtype=&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&id_details=&a=0&r=209&lper=1&pc=&requrl=https%3A%2F%2Fwww.koaa.com%2F&kwrf=
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-24.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 20 Apr 2021 09:13:46 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 400ms
99ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1618910026316&plid=83325579&idsite=koaa.com&url=https%3A%2F%2Fwww.koaa.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.koaa.com%2F&sref=&sts=1618910026255&slts=0&title=Homepage&date=Tue+Apr+20+2021+11%3A13%3A46+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=67870857&u=pid%3Dc47322e1b22f0004317ceb7690bf49a9
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:46 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 20-Apr-2021 09:13:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 / Show response
engine.bannersolution.net/ Frame 8A22 14 KB
4 KB 21ms
16ms Script
application/javascript 37.48.77.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bannersolution.net/?869099478&t=1&tt=1618910025-4b811e59&iframe&cb=16189100263200.5638777222406792&screen=1600x1200&availscreen=300x250&framed=1&vb=1&referer=https%3A%2F%2Fwww.koaa.com%2F&bt=1
Requested by: Host: engine.bannersolution.net
URL: https://engine.bannersolution.net/?869099478&iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.48.77.133 Schoonhoven, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 4a6eba27414d5ee9e65bb0a28fda83f4e6cfdd4daa3b421db71f4603124260a3

Request headers

Referer: https://engine.bannersolution.net/?869099478&iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-store, no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
link: <//cdn.bannersolution.net>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lightsnow.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 3 KB
3 KB 63ms
9ms Image
image/png 2600:9000:211e:4200:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/lightsnow.png
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5319e11b7cb74dba3b415b0c4c5cc26a11f8108d4fe8bdf0b5ae3ffc439007cd

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iKeyX2TjRmsfn9F9zE2i_i3oqgdMAq4F
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 14:00:42 GMT
server: AmazonS3
age: 9
etag: "24f1a35dc8b536a20ce45e7ab66db70c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Tue, 20 Apr 2021 09:13:38 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 2607
x-amz-cf-id: ZrvRxjqHDrO2_46nBfcK1axd2hJ7k4ASGJ9OKT9US9FO_veTocmKgQ==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:53:47 GMT

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1020 B 82ms
11ms Script
application/x-javascript 2600:9000:2190:5200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:14:58 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
age: 3535
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Th27RxndSrTkomxePM8rg0oZ3AyEdO6QXgu3XfsjHBKmNkgeo7T-sw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 81ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

d5ac06a99397670c3fbdc08a77fa082996058a847fb19e7075712be21269a922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "847 / 9 of 1000 / last-modified: 1618870257"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21079
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:46 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9=

64 B
331 B

25ms
25ms

Image
image/gif

13.224.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9=
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-56.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ALj3-YLZgxnYgGuPd5YU8joTXcKXC7x972R_GYDGaKjSuB4d8d3TIw==

Redirect headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1618910026449&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.koaa.com%2F&c9=
content-length: 160
x-amz-cf-id: EhU5lnqtEiVrjFLBXoQ0YV-2GKtkHNtMArXUTbVS7lUCk5obkVifWw==

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
717 B 182ms
115ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

POST
H2 200 imp
engine.bannersolution.net/ Frame 8A22 0
396 B 14ms
14ms Ping
text/html 37.48.77.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bannersolution.net/imp
Requested by: Host: engine.bannersolution.net
URL: https://engine.bannersolution.net/?869099478&iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.48.77.133 Schoonhoven, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engine.bannersolution.net/?869099478&iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-store, no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://engine.bannersolution.net
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 vb
engine.bannersolution.net/ Frame 8A22 0
396 B 15ms
14ms Ping
text/html 37.48.77.133
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bannersolution.net/vb
Requested by: Host: engine.bannersolution.net
URL: https://engine.bannersolution.net/?869099478&iframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.48.77.133 Schoonhoven, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engine.bannersolution.net/?869099478&iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-store, no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://engine.bannersolution.net
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=*;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F
adservice.google.com/ddm/fls/z/ Frame FAF9 42 B
498 B 92ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=*;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CPWan-i9jPACFXJe5QodyvEHXg;src=4394967;type=wftx;cat=pc_tt0;ord=4869756547636;gtm=2wg472;auiddc=2008640036.1618910026;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.koaa.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4394967.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 116ms
36ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-10036014-21&cid=1677003991.1618910026&jid=608291648&gjid=502038204&_gid=942381148.1618910026&_u=aGBAgAAjAAAAAE~&z=790680365

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Apr 2021 09:13:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 101ms
40ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-40066851-1&cid=1677003991.1618910026&jid=140627027&gjid=513058864&_gid=942381148.1618910026&_u=aGDAiAAjBAAAAE~&z=196162874

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Apr 2021 09:13:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 38ms
36ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-29521121-4&cid=1677003991.1618910026&jid=720398985&gjid=998938345&_gid=942381148.1618910026&_u=aGDAiAAjBAAAAE~&z=1535803797

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Apr 2021 09:13:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=848433362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.koaa.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=608291648&gjid=502038204&cid=1677003991.1618910026&tid=UA-10036014-21&_gid=942381148.1618910026&gtm=2wg472NVPRQZQ&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=211695573

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 10:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83270
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=848433362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.koaa.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=140627027&gjid=513058864&cid=1677003991.1618910026&tid=UA-40066851-1&_gid=942381148.1618910026&gtm=2wg472NVPRQZQ&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=352833298

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 10:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83270
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=848433362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.koaa.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=720398985&gjid=998938345&cid=1677003991.1618910026&tid=UA-29521121-4&_gid=942381148.1618910026&gtm=2wg472NVPRQZQ&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&z=1966355683

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 10:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83270
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/ Frame 8001 10 KB
3 KB 80ms
14ms Document
text/html 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 58a2f6a841e952c59656d9f137458fc7e1d31b0675e1d3c6862356b7f877c57b

Request headers

:method: GET
:authority: cdn.bannersolution.net
:scheme: https
:path: /tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://engine.bannersolution.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://engine.bannersolution.net/

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
content-type: text/html
last-modified: Tue, 13 Apr 2021 20:24:07 GMT
expires: Wed, 20 Apr 2022 09:13:46 GMT
cache-control: max-age=31536000 public, no-transform
access-control-allow-origin: *
content-encoding: br

GET
H2 200 pixel;r=178998519;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.koaa.com%2F;uht=2;fpan=1;fpa=P0-598865159-1618910026658;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076...
pixel.quantserve.com/ 35 B
371 B 10ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=178998519;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.koaa.com%2F;uht=2;fpan=1;fpa=P0-598865159-1618910026658;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076b-20210419173321;cm=;gdpr=0;ref=;d=koaa.com;je=0;sr=1600x1200x24;dst=1;et=1618910026658;tzo=-120;ogl=title.Homepage%2Curl.https%3A%2F%2Fwww%252Ekoaa%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4e3b683%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4e3b683%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F4e3b683%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Csite_name.KOAA%2Ctype.website%2Cdescription.

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ 299 KB
105 KB 31ms
29ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:46 GMT

GET
H2 200 14f09605740867b170abd832c8cd7fa2.js Show response
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/ Frame 8001 65 KB
16 KB 19ms
19ms Script
application/javascript 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/14f09605740867b170abd832c8cd7fa2.js
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: c38faed114391071afeda7600dea39b91e594565e82a87540c7db86058c8e226

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
expires: Wed, 20 Apr 2022 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:08 GMT
cache-control: max-age=31536000, public, no-transform
content-type: application/javascript

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 10:02:35 GMT

GET
H/1.1

200
OK

2000248.js Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/
Redirect Chain

https://sync.serverbid.com/ss/2000248.js
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

5 KB
5 KB

33ms
9ms

Script
application/x-javascript

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Connection: Keep-Alive
Last-Modified: Tue, 08 Dec 2020 16:28:09 GMT
age: 47
etag: "4e60003ba0cf3b31fca6aff00fe454eb"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1618910027.dop224.fr8.t,1618910027.cds221.fr8.shn,1618910027.dop224.fr8.t,1618910027.cds051.fr8.c
Content-Type: application/x-javascript
Cache-Control: max-age=33343
Content-Length: 4750
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
x-amz-request-id: tx000000000000000147f78-00607dcbdb-4d93f15-nyc3a

Redirect headers

location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js
cache-control: no-cache
content-length: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 293ms
96ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.koaa.com
date: Tue, 20 Apr 2021 09:13:46 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 233ms
96ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.koaa.com
date: Tue, 20 Apr 2021 09:13:46 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 14d391252da9be19e323844efcf3f528.png
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 26 KB
26 KB 16ms
15ms Image
image/png 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/14d391252da9be19e323844efcf3f528.png
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 921f2753bc6f0ebc9bd8e04edc20d0eeca1ac33fc9d07c906ce927558979370e

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
content-length: 26405
expires: Wed, 20 Apr 2022 09:13:46 GMT

GET
H2 200 ba1c5fc013dca1526e02f8feecccedcc.svg
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 10 KB
4 KB 16ms
15ms Image
image/svg+xml 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ba1c5fc013dca1526e02f8feecccedcc.svg
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0d37ed7a882409d5ab1097af48b4466eeae564774e8b331a60552cd1b12c1f85

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
expires: Wed, 20 Apr 2022 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
cache-control: max-age=31536000, public, no-transform
content-type: image/svg+xml

GET
H2 200 1669e3d13b7c9af6e5eb894c1e503845.svg
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 4 KB
2 KB 16ms
15ms Image
image/svg+xml 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/1669e3d13b7c9af6e5eb894c1e503845.svg
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 4189888d001d2b0bf74b5d86228666270f48b356a5253f2a31b85277ed70b25d

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
expires: Wed, 20 Apr 2022 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
cache-control: max-age=31536000, public, no-transform
content-type: image/svg+xml

GET
H2 200 09e0017a02e2408106cc9c95ea026417.svg
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 5 KB
2 KB 22ms
21ms Image
image/svg+xml 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/09e0017a02e2408106cc9c95ea026417.svg
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3e79c9ffd98e2288fc7c4c640854c6293d8f0a9342225f0eab90354877cad3ed

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
expires: Wed, 20 Apr 2022 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
cache-control: max-age=31536000, public, no-transform
content-type: image/svg+xml

GET
H2 200 85ab504fbea0f0b1f9cfa7898c30676b.svg
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 9 KB
3 KB 23ms
21ms Image
image/svg+xml 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/85ab504fbea0f0b1f9cfa7898c30676b.svg
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 9e23b926e2e75970ad4048a0870212de78a740bc00545de81e7db21202e06afe

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Apr 2021 09:13:46 GMT
content-encoding: br
expires: Wed, 20 Apr 2022 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
cache-control: max-age=31536000, public, no-transform
content-type: image/svg+xml

GET
H2 200 a63e331abc329d21813b230ebb360495.png
cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/ Frame 8001 3 KB
3 KB 23ms
22ms Image
image/png 89.149.201.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/media/a63e331abc329d21813b230ebb360495.png
Requested by: Host: cdn.bannersolution.net
URL: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.149.201.75 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: b8e3a639d96e3174df607eeef52b51ce1f4ffebda05d9e09fe39d81291e05414

Request headers

Referer: https://cdn.bannersolution.net/tc11fddaf/img/du8nv_cf2guv_e87f0644.zip/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
last-modified: Tue, 13 Apr 2021 20:24:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
content-length: 3113
expires: Wed, 20 Apr 2022 09:13:46 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 54ms
52ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.koaa.com%2F&pid=yphg5ZPXucOeq&cb=0&ws=1600x1200&v=7.63.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.koaa.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: djxdANvShd1bLLEpMQ-HeZ7WhLhFj2IrThqTypNiJSCb_T6xzUFXIg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 54ms
52ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.koaa.com%2F&pid=yphg5ZPXucOeq&cb=1&ws=1600x1200&v=7.63.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HOMEPAGE_SHOWCASE%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:46 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.koaa.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Ee9jnXqOTI0IzxGztTnwZFGU_nL6v29NWaVWrRUYkARbQSNJBTQlhA==

GET
H/1.1 200
OK loader.js Show response
www.tickcounter.com/static/js/ Frame 9474 2 KB
1 KB 311ms
111ms Script
application/javascript 35.173.69.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tickcounter.com/static/js/loader.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.69.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-207.compute-1.amazonaws.com
Software: PythonAnywhere /
Resource Hash: d1f2e3dabbc5994ee54433d1f66cb8a8140146dafece034339b56201ce9df47e

Request headers

Referer: https://cdn.bannersolution.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Encoding: gzip
X-Clacks-Overhead: GNU Terry Pratchett
Last-Modified: Sat, 17 Apr 2021 17:01:44 GMT
Server: PythonAnywhere
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 355ms
355ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2004683021777342&correlator=1784797300237209&output=ldjh&impl=fifs&eid=22316438%2C31060708&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=6088%2Cssp.koaa%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90%2C10x10&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C9%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D32below%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_gv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3D1%26au%3Dhome%252Flanding%26refresh%3D0%26selector%3DMAD_NATIVE_1%26temp%3D32below&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1618910027&dt=1618910027137&dlt=1618910025177&idt=1572&frm=20&biw=1600&bih=1200&oid=3&adxs=70%2C250&adys=1291%2C1988&adks=2330639626%2C3242550973&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.koaa.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1460x280%7C740x10&msz=1460x280%7C740x10&ga_vid=1677003991.1618910026&ga_sid=1618910027&ga_hid=848433362&ga_fc=false&fws=4%2C4&ohw=1500%2C740&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

35d7b92cfe9bb26392d14898537e4ce28d29f3782e4b2460a4cfbcd66e29d4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4635
x-xss-protection: 0
google-lineitem-id: 5221840051,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138310725339,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
14 KB 372ms
372ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2004683021777342&correlator=666057632113726&output=ldjh&impl=fifs&eid=22316438%2C31060708&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=6088%2Cssp.koaa%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C8%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D32below%26m_mv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D32below%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D32below%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26m_gv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1618910027&dt=1618910027154&dlt=1618910025177&idt=1572&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C2320&adks=2548522331%2C535396215%2C16633491&ucis=3%7C4%7C5&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.koaa.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x630&msz=1600x-1%7C994x30%7C300x630&ga_vid=1677003991.1618910026&ga_sid=1618910027&ga_hid=848433362&ga_fc=false&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9580316c6847511f484180e294c363f4f57585f390ad40a4925dcb2ecac72df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14084
x-xss-protection: 0
google-lineitem-id: -1,-2,5672689199
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,138347130523
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B15C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

276ms
7ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Apr 2021 09:13:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Tue, 20 Apr 2021 09:13:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set uc.html Show response
go.sonobi.com/ Frame FC7A 43 B
573 B 59ms
13ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5G=s578|YH6bT; path=/; domain=.go.sonobi.com; SameSite=None; secure

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4F90 8 KB
3 KB 21ms
7ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=165836
Expires: Thu, 22 Apr 2021 07:17:43 GMT
Date: Tue, 20 Apr 2021 09:13:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 um
cs.emxdgt.com/ Frame D363 0
0 45ms
8ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

content-type: text/html
date: Tue, 20 Apr 2021 09:13:46 GMT
content-length: 0

GET
H2

200

cm Show response
gift-connect-d.openx.net/w/1.0/ Frame C050
Redirect Chain

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

780 B
811 B

16ms
16ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 816ec15320bc188289bf0b847b8ecb30c0986ef983ec40b8c4e1b9d4273273a1

Request headers

:method: GET
:authority: gift-connect-d.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0aedb820-06be-0ee2-331b-63f11a828068|1618910027
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0aedb820-06be-0ee2-331b-63f11a828068|1618910027; Version=1; Expires=Wed, 20-Apr-2022 09:13:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618910027|gekin0vNiygu; Version=1; Expires=Wed, 05-May-2021 09:13:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 20 Apr 2021 09:13:47 GMT
content-type: text/html
content-length: 478
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=0aedb820-06be-0ee2-331b-63f11a828068|1618910027; Version=1; Expires=Wed, 20-Apr-2022 09:13:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
date: Tue, 20 Apr 2021 09:13:47 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bS82JOoztvXnv4ZUfhAAA%261219

43 B
294 B

97ms
97ms

Image
image/gif

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bS82JOoztvXnv4ZUfhAAA%261219
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bS82JOoztvXnv4ZUfhAAA%261219
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7564398976023552319

43 B
294 B

97ms
97ms

Image
image/gif

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7564398976023552319
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:47 GMT
X-Proxy-Origin: 141.98.102.148; 141.98.102.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.234:80
AN-X-Request-Uuid: a8bf47dc-53b1-4a4b-9a3b-a6415c479437
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7564398976023552319
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb67383ea-a1b8-11eb-bee4-06169fe39a36
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb67383ea-a1b8-11eb-bee4-06169fe39a36&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb67383ea-a1b8-11eb-bee4-06169fe39a36

43 B
294 B

101ms
97ms

Image
image/gif

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb67383ea-a1b8-11eb-bee4-06169fe39a36
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb67383ea-a1b8-11eb-bee4-06169fe39a36
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
474 B 55ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:47 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

43 B
182 B

87ms
86ms

Image
image/gif

2600:1f18:612b:4216:b3d7:e742:13a8:bd05
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
date: Tue, 20 Apr 2021 09:13:47 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=consumable
https://x.bidswitch.net/ul_cb/sync?ssp=consumable
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=consumable
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=consumable
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=957b1216-3410-4f4d-85e7-b5ce987d4246&ssp=consumable
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=72742c5c-3b7e-48e1-a0e3-aaf32201febe

43 B
294 B

98ms
97ms

Image
image/gif

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=72742c5c-3b7e-48e1-a0e3-aaf32201febe
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=72742c5c-3b7e-48e1-a0e3-aaf32201febe
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4DB4 38 KB
14 KB 9ms
8ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103414
Expires: Wed, 21 Apr 2021 13:57:21 GMT
Date: Tue, 20 Apr 2021 09:13:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4DB4 6 KB
7 KB 294ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=60967514&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 36480f7e278883138b416e8ba5211586b03228b956b500e2c0a2fecc4a7fc79c

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:45 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 i.gif
e.serverbid.com/udb/9969/sync/ Frame C050 43 B
294 B 98ms
96ms Image
image/gif 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=94dc2d6e-4a5d-0e27-2c64-b37aaee0df63
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C050
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c900607e-9b4b-4d00-af64-e989b9727952

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c900607e-9b4b-4d00-af64-e989b9727952
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 20 Apr 2021 09:14:52 GMT
Server: MT3 3660 495c301 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c900607e-9b4b-4d00-af64-e989b9727952
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 09:14:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C050
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=opKKTK3AiUu5kdsb8saQT6bEjku5xooZo5FIO4Cr

43 B
180 B

18ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=opKKTK3AiUu5kdsb8saQT6bEjku5xooZo5FIO4Cr
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=opKKTK3AiUu5kdsb8saQT6bEjku5xooZo5FIO4Cr
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C050
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3645758329275352415

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3645758329275352415
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3645758329275352415
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET openx
match.adsrvr.org/track/cmf/ Frame C050 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C050
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1&google_tc=

170 B
188 B

25ms
22ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1&google_tc=

Requested by

Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjUyZTU0YjMtNjY0ZS02ZmIxLTdjMmQtZjFhMGI0NDc3ZGY1&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C050
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-5BEUkEyh6ahBu-Zkb7uk&google_cver=1

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-5BEUkEyh6ahBu-Zkb7uk&google_cver=1
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH-5BEUkEyh6ahBu-Zkb7uk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1335240 Show response
www.tickcounter.com/widget/countdown/ Frame 13FE 13 KB
3 KB 154ms
154ms Document
text/html 35.173.69.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tickcounter.com/widget/countdown/1335240

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/static/js/loader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.173.69.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-69-207.compute-1.amazonaws.com

Software

PythonAnywhere /

Resource Hash

49f3439fc1fb98c85427a13ce3ad575facceb040f1fb8095ddbdb87da39caa4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: www.tickcounter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.bannersolution.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.bannersolution.net/

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 20 Apr 2021 09:16:32 GMT
Cache-Control: max-age=300
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
X-Clacks-Overhead: GNU Terry Pratchett
Content-Encoding: gzip
Server: PythonAnywhere

GET
H2 200 pure-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ Frame 13FE 16 KB
4 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/pure-min.css

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8175295
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3356
cf-request-id: 099027b6ab00004e5cfea31000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=goDO%2BvT5v1RiVD7zGmfqHZJgzLZl4q0Hw8qYt%2B%2B%2BtNQu8JvJh6BmrqYX%2FLBDBDkCkZySPWpqFyslm%2BNsKEnZfKOD0apKmpl0Gc4bgJhM2dzkoPny7e1yg035mjOeOQsVvw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 642d423778064e5c-FRA
expires: Sun, 10 Apr 2022 09:13:47 GMT

GET
H2 200 grids-responsive-min.css
cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/ Frame 13FE 8 KB
1 KB 29ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pure/1.0.0/grids-responsive-min.css

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7125715
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 742
cf-request-id: 099027b6ac00004e5c4fbbc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-1f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bwChbyTpcO82eZQ%2FI%2BEQ%2BtwNPcw0YlLhmcSle1KWHDGzM02xb39Wl2ZBJhVFYVNdnx2GRP7I0PPUGxGJt5VOgov7ZRSV54%2FuSZL021LB%2Fu9tT8%2Fa1oE0UPSSnPe%2Fg2uaCA%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 642d423778084e5c-FRA
expires: Sun, 10 Apr 2022 09:13:47 GMT

GET
H/1.1 200
OK output.cc7c8d8e39f2.css
www.tickcounter.com/static/files/css/ Frame 13FE 2 KB
953 B 114ms
111ms Stylesheet
text/css 35.173.69.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tickcounter.com/static/files/css/output.cc7c8d8e39f2.css
Requested by: Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.69.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-207.compute-1.amazonaws.com
Software: PythonAnywhere /
Resource Hash: cc7c8d8e39f21b4af2031307ca6853f4ba39bfb10d063c58ceae2acbbadb1c33

Request headers

Referer: https://www.tickcounter.com/widget/countdown/1335240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Encoding: gzip
X-Clacks-Overhead: GNU Terry Pratchett
Last-Modified: Sat, 17 Apr 2021 16:59:48 GMT
Server: PythonAnywhere
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.29.2/ Frame 13FE 64 KB
20 KB 51ms
14ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.29.2/bundle.min.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

921c1d956fb29a553a69185344a6d58aa553143e22400146222c9851d633a4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://www.tickcounter.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 20:43:32 GMT
server: Fastly
age: 7093537
etag: "29d1f965c7168e0f0eebfe0dc6c22cc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 20094
expires: Fri, 28 Jan 2022 06:48:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 13FE 87 KB
31 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 12:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73777
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Apr 2022 12:44:10 GMT

GET
H2 200 textFit.min.js Show response
cdnjs.cloudflare.com/ajax/libs/textfit/2.4.0/ Frame 13FE 4 KB
2 KB 32ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/textfit/2.4.0/textFit.min.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1555faed5dbb0664285f114e53c271e3e0bd7c32ba14b97893f8f95214ac0bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 982761
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1292
cf-request-id: 099027b6ac00004e5c78985000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-10b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=578C%2F7Wmls56Yi%2FsKdTkX6PCN4UrY9QzOz7WV94pYJH60GQb4T2%2B42ly8z7g9hLz8T%2BMit0sOhNoZYKidw6wsiR6vdbBIJrBK%2BV9S9NArPRLtk74hZJnD%2BF8LokGgO7spw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 642d4237780c4e5c-FRA
expires: Sun, 10 Apr 2022 09:13:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 13FE 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4645
date: Tue, 20 Apr 2021 07:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 20 Apr 2021 09:56:22 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ Frame 13FE 57 KB
17 KB 30ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8935436
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16919
cf-request-id: 099027b6ac00004e5c05aa1000000001
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-e5ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LbxZ6nNQN%2BkofgT%2B5y6r7G3g1SRRnixM5BfegiHLYwnZrr2X0fHqdblmN0lDtxUgEBhMFXmDEwrMsub50q%2B7NzpEOu61Ty0MnWl4ROkIagS%2BbJuZ2ER7SJwOq9d6jNFMnQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 642d4237780a4e5c-FRA
expires: Sun, 10 Apr 2022 09:13:47 GMT

GET
H2 200 moment-timezone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.33/ Frame 13FE 7 KB
3 KB 31ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.33/moment-timezone.min.js

Requested by

Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50074d51ee62cfec0eefe71c66981b27677c03a71a166839ab6b1f55758717a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2209580
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2651
cf-request-id: 099027b6ac00004e5c139f2000000001
timing-allow-origin: *
last-modified: Sat, 06 Feb 2021 09:25:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "601e609b-1b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lxt9z1mSI0dXkYaZFOqivf1p9nuxvjYAdhg53EpUPdftlkiKESIkPyqvMKKjHipOphrOxWFSFD5GIzLFEIOV5%2BF8TKoiJBIQd1g6P9V%2FtplKrfUiaesVad0zA6Is2nXxLQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 642d4237780d4e5c-FRA
expires: Sun, 10 Apr 2022 09:13:47 GMT

GET
H/1.1 200
OK output.6e77e564ccb6.js Show response
www.tickcounter.com/static/files/js/ Frame 13FE 10 KB
4 KB 221ms
108ms Script
application/javascript 35.173.69.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tickcounter.com/static/files/js/output.6e77e564ccb6.js
Requested by: Host: www.tickcounter.com
URL: https://www.tickcounter.com/widget/countdown/1335240
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.173.69.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-69-207.compute-1.amazonaws.com
Software: PythonAnywhere /
Resource Hash: 6e77e564ccb6c3e2618488ec9e14517dc120e14d0073b579d64b9dd26b4f8088

Request headers

Referer: https://www.tickcounter.com/widget/countdown/1335240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Encoding: gzip
X-Clacks-Overhead: GNU Terry Pratchett
Last-Modified: Sat, 17 Apr 2021 17:00:13 GMT
Server: PythonAnywhere
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B15C 31 KB
9 KB 11ms
11ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 20:37:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31487
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9236
Expires: Tue, 20 Apr 2021 17:58:34 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame 118F 296 KB
101 KB 12ms
7ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:30 GMT
server: AmazonS3
x-amz-request-id: 6N1P0YP57SR7Z5WY
etag: "2c63749e20ab9173fff690d193fda5c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54781
accept-ranges: bytes
content-length: 102518
x-amz-id-2: jETGYOLIVn/7ec9s/Q3TETwF4b6RfcZcoY/qaPfsxHfJXMME9IwrqHFU3xGmCuHGJd3SUh1HeUI=

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 118F 32 KB
11 KB 99ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 333
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: Bu46w3nRZWfXoJwVcXUfpwFT8omtAwtsd//k6j2+4KlsQaN0f2p7WRsRgOPiiZeQLH80czEvbV0=
X-Served-By: cache-fra19138-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1618910028.621597,VS0,VE0
Date: Tue, 20 Apr 2021 09:13:47 GMT
Vary: Accept-Encoding
x-amz-request-id: J133T9GDSSE517JR
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 3

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 118F 118 KB
36 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B15C 284 B
536 B 1061ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H3-29 200 container.html Show response
9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FBC 6 KB
3 KB 27ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Apr 2021 09:13:47 GMT
expires: Wed, 20 Apr 2022 09:13:47 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame F165 32 KB
11 KB 46ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 333
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: Bu46w3nRZWfXoJwVcXUfpwFT8omtAwtsd//k6j2+4KlsQaN0f2p7WRsRgOPiiZeQLH80czEvbV0=
X-Served-By: cache-fra19138-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1618910028.633033,VS0,VE0
Date: Tue, 20 Apr 2021 09:13:47 GMT
Vary: Accept-Encoding
x-amz-request-id: J133T9GDSSE517JR
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 4

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame F165 296 KB
101 KB 10ms
8ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:30 GMT
server: AmazonS3
x-amz-request-id: 6N1P0YP57SR7Z5WY
etag: "2c63749e20ab9173fff690d193fda5c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54781
accept-ranges: bytes
content-length: 102518
x-amz-id-2: jETGYOLIVn/7ec9s/Q3TETwF4b6RfcZcoY/qaPfsxHfJXMME9IwrqHFU3xGmCuHGJd3SUh1HeUI=

GET
H3-29 200 15572488966817962306
tpc.googlesyndication.com/simgad/ Frame F165 22 KB
22 KB 71ms
69ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15572488966817962306

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bc77fe45d45a9d3a304ff0ebbe74ea4604d66fab8e36091e81ac07ad3838d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Apr 2021 02:42:01 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22571
x-xss-protection: 0
expires: Wed, 20 Apr 2022 09:13:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame F165 2 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:12:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F165 118 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 12ms
10ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&wf=1&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&m=0&ar=31f9dba90d7-clean&iw=07d6456&q=1&cb=0&cu=1618910025868&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&pe=1%3A452%3A452%3A0%3A424&fs=180167&na=1116390570&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 6D0E 43 B
284 B 63ms
15ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 20 Apr 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1332
date: Tue, 20 Apr 2021 09:13:46 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 29F9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3325904684894971257

42 B
769 B

15ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3325904684894971257
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=98B9BCDA-2B79-472B-9E66-52F9E1958C44; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1619481600%3A223_2_67_15%7C1619740800%3A63%7C1620172800%3A35%7C1620086400%3A54_231_220_166_78_13_71_204_222_21_81_55_3_8_230_176_56_22_88_165_7_161_189; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&16736-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&23019-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&23114-uid:c900607e-9b4b-4d00-af64-e989b9727952; KRTBCOOKIE_391=22924-3645758329275352415&KRTB&23263-3645758329275352415; KRTBCOOKIE_57=22776-7564398976023552319; KRTBCOOKIE_153=1923-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd&KRTB&19420-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd&KRTB&22979-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd; KRTBCOOKIE_466=16530-72742c5c-3b7e-48e1-a0e3-aaf32201febe; KRTBCOOKIE_22=14911-3692686230139418417; KRTBCOOKIE_218=22978-YH6bTAAASV2viAAC&KRTB&23194-YH6bTAAASV2viAAC&KRTB&23209-YH6bTAAASV2viAAC&KRTB&23244-YH6bTAAASV2viAAC; KRTBCOOKIE_188=3189-no-consent; PugT=1618910026
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-3325904684894971257; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:47 GMT; path=/ PugT=1618910027; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:47 GMT; path=/
X-lat: amspug005:0:401
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3325904684894971257
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET /
dsp.adfarm1.adition.com/cookie/ Frame FE17 0
0

GET pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 33CD 0
0

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 77AC
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9gtAOcAXgxnVO7ka1t0nWrCJ

42 B
776 B

17ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9gtAOcAXgxnVO7ka1t0nWrCJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=98B9BCDA-2B79-472B-9E66-52F9E1958C44; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1619481600%3A223_2_67_15%7C1619740800%3A63%7C1620172800%3A35%7C1620086400%3A54_231_220_166_78_13_71_204_222_21_81_55_3_8_230_176_56_22_88_165_7_161_189; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&16736-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&23019-uid:c900607e-9b4b-4d00-af64-e989b9727952&KRTB&23114-uid:c900607e-9b4b-4d00-af64-e989b9727952; KRTBCOOKIE_391=22924-3645758329275352415&KRTB&23263-3645758329275352415; KRTBCOOKIE_57=22776-7564398976023552319; KRTBCOOKIE_153=1923-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd&KRTB&19420-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd&KRTB&22979-NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd; KRTBCOOKIE_466=16530-72742c5c-3b7e-48e1-a0e3-aaf32201febe; KRTBCOOKIE_22=14911-3692686230139418417; KRTBCOOKIE_218=22978-YH6bTAAASV2viAAC&KRTB&23194-YH6bTAAASV2viAAC&KRTB&23209-YH6bTAAASV2viAAC&KRTB&23244-YH6bTAAASV2viAAC; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-3325904684894971257; KRTBCOOKIE_1074=22956-e_b566dd68-1b64-426b-a515-c52a8a389666; PugT=1618910029; SPugT=1618910029
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:49 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-9gtAOcAXgxnVO7ka1t0nWrCJ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:49 GMT; path=/ PugT=1618910029; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:49 GMT; path=/
X-lat: amspug007:0:2916
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 20 Apr 2021 09:13:50 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=9gtAOcAXgxnVO7ka1t0nWrCJ; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9gtAOcAXgxnVO7ka1t0nWrCJ
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E065 43 B
408 B 296ms
14ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 22D7 42 B
1 KB 45ms
18ms Document
image/gif 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=dde82db64de8c93a96c961c3ead9405491618910027; expires=Thu, 20-May-21 09:13:47 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-2tzg
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 099027b79c0000d72df9267000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d4238f941d72d-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame BDE5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
462 B

165ms
164ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=abnoeUxlqLNnJVsVTd81I3XabuyGZa9IskZcnJAmZaK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d88a20571c115a9cd52c9ce55c57b3c291618910027; expires=Thu, 20-May-21 09:13:47 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aNnseFyg6AarA7u8QGNw8RPqTFnU4TKiWMVrdNLTdQYHM72RXw3GtvZb76yeacSevlqZc3rP5kb34KaCU8XloB; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:47 GMT; SameSite=None; Secure; ANON_ID_old=aNnseFyg6AarA7u8QGNw8RPqTFnU4TKiWMVrdNLTdQYHM72RXw3GtvZb76yeacSevlqZc3rP5kb34KaCU8XloB; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:47 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 099027b84700002c4e6fbc5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d423a09a02c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-type: text/html
set-cookie: __cfduid=d88a20571c115a9cd52c9ce55c57b3c291618910027; expires=Thu, 20-May-21 09:13:47 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=abnoeUxlqLNnJVsVTd81I3XabuyGZa9IskZcnJAmZaK; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:47 GMT; SameSite=None; Secure; ANON_ID_old=abnoeUxlqLNnJVsVTd81I3XabuyGZa9IskZcnJAmZaK; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:47 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 3
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 099027b79f00002c4e2c3bb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d4238ffe22c4e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET rtset
bh.contextweb.com/bh/ Frame 783E 0
0

GET 141
match.deepintent.com/usersync/ Frame 97C1 0
0

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1213
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

18ms
16ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1618910028.754801,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 20-Apr-2022 09:13:47 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1e5417c9-f990-4b58-a421-8b6b9d3533be-tuct77820cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1618910028.661979,VS0,VE82
x-vcl-time-ms: 82
content-length: 0

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 09A2
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

15ms
14ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1618910030932; TapAd_DID=b8acd143-a1b8-11eb-bfb0-7a43b203e32b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:50 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Tue, 20 Apr 2021 09:13:50 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1618910030932;Expires=Sat, 19 Jun 2021 09:13:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b8acd143-a1b8-11eb-bfb0-7a43b203e32b;Expires=Sat, 19 Jun 2021 09:13:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 2204 43 B
294 B 104ms
96ms Document
image/gif 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=98B9BCDA-2B79-472B-9E66-52F9E1958C44
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=98B9BCDA-2B79-472B-9E66-52F9E1958C44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: azk=ue1-sb1-fe3e1789-af1d-427c-a79a-0ae20cccfd28
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 43
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-type: image/gif
pragma: no-cache
set-cookie: azk=ue1-sb1-fe3e1789-af1d-427c-a79a-0ae20cccfd28; SameSite=None; Secure; Path=/; Expires=Wed, 20 Apr 2022 09:13:47 GMT
date: Tue, 20 Apr 2021 09:13:47 GMT

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4DB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLm82it5RyueZlL54ZWMRA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

8ms
7ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=165833
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Thu, 22 Apr 2021 07:17:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 4DB4 95 B
595 B 54ms
34ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=98B9BCDA-2B79-472B-9E66-52F9E1958C44
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 642d42390ec04e74-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 099027b7a600004e745901c000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 4DB4
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

28ms
28ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
frontend-id: 15
location: /pubmatic/1/info2?sType=sync&sExtCookieId=98B9BCDA-2B79-472B-9E66-52F9E1958C44&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET p.gif
visitor.fiftyt.com/ Frame 4DB4 0
0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OThCOUJDREEtMkI3OS00NzJCLTlFNjYtNTJGOUUxOTU4QzQ0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:50 GMT
X-lat: amspug012:0:340
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHmdWOaeg5OBGVr2sytPUQ&google_cver=1

42 B
855 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHmdWOaeg5OBGVr2sytPUQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:49 GMT
X-lat: amspug016:0:523
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHmdWOaeg5OBGVr2sytPUQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame 4DB4 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 4DB4 0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3645758329275352415

42 B
801 B

133ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3645758329275352415
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
X-lat: lhrpug005:0:459
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3645758329275352415
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c900607e-9b4b-4d00-af64-e989b9727952&gdpr=0&gdpr_consent=

42 B
946 B

107ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c900607e-9b4b-4d00-af64-e989b9727952&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
X-lat: lhrpug010:0:435
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 20 Apr 2021 09:14:52 GMT
Server: MT3 3660 495c301 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c900607e-9b4b-4d00-af64-e989b9727952&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 09:14:51 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7564398976023552319&gdpr=0&gdpr_consent=

42 B
769 B

310ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7564398976023552319&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:46 GMT
X-lat: amspug002:0:378
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:47 GMT
X-Proxy-Origin: 141.98.102.148; 141.98.102.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid: 25ff9a69-5c6d-4367-bc4c-7828c98f0917
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7564398976023552319&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=7ee2c8ab-b514-43d6-b5d3-e7e907446bca&expires=1&user_group=5&ssp=pubmatic&bsw_param=72742c5c-3b7e-48e1-a0e3-aaf32201febe
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

26ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
X-lat: lhrpug020:0:310
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=72742c5c-3b7e-48e1-a0e3-aaf32201febe&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 98B9BCDA-2B79-472B-9E66-52F9E1958C44
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4DB4 43 B
841 B 102ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/98B9BCDA-2B79-472B-9E66-52F9E1958C44?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=98B9BCDA-2B79-472B-9E66-52F9E1958C44&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YFQ0NM5E2uWoiBKFbLpnSEsIWdb0_v4-~A&gdpr=0&gdpr_consent=

0
587 B

87ms
22ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YFQ0NM5E2uWoiBKFbLpnSEsIWdb0_v4-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Tue, 20 Apr 2021 09:13:47 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YFQ0NM5E2uWoiBKFbLpnSEsIWdb0_v4-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd

42 B
894 B

24ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:47 GMT
X-lat: amspug007:0:545
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NXFt7Dojbusucjy7ZSV37zEnaesuJW25NHJs9GDd
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3692686230139418417&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

22ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3692686230139418417&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
X-lat: lhrpug005:0:514
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3692686230139418417&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bTAAASV2viAAC&gdpr=0&gdpr_consent=&_test=YH6bTAAASV2viAAC

1 B
809 B

22ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bTAAASV2viAAC&gdpr=0&gdpr_consent=&_test=YH6bTAAASV2viAAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
X-lat: lhrpug005:0:457
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1618910028.256400,VS0,VE0
x-served-by: cache-fra19132-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bTAAASV2viAAC&gdpr=0&gdpr_consent=&_test=YH6bTAAASV2viAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f896923-4488-4699-9709-48fd45a4f380&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

24ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f896923-4488-4699-9709-48fd45a4f380&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
X-lat: lhrpug008:0:468
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4f896923-4488-4699-9709-48fd45a4f380&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 20 Apr 2021 09:13:48 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:46 GMT
X-lat: amspug009:0:383
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 4DB4 0
104 B 98ms
64ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=98B9BCDA-2B79-472B-9E66-52F9E1958C44&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7564398976023552319

42 B
505 B

22ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7564398976023552319
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:50 GMT
X-lat: lhrpug012:0:302
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:50 GMT
X-Proxy-Origin: 141.98.102.148; 141.98.102.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 93402bcd-e5ee-4f5d-abbc-59cc751db056
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7564398976023552319
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 4DB4
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b566dd68-1b64-426b-a515-c52a8a389666

42 B
790 B

22ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b566dd68-1b64-426b-a515-c52a8a389666
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:49 GMT
X-lat: lhrpug019:0:494
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b566dd68-1b64-426b-a515-c52a8a389666
date: Tue, 20 Apr 2021 09:13:49 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 118F 0
0 18ms
17ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHUNkFp2ugKDKVjl06-I-6rU-CtgDAdzPmHJcr9mpHV76pWkQkyDNNwXyLjobnE6Mu96GhB-DVhQ8JB9gb_PvXmC2ZRrWS5vmBzparwt-W5QR1dn2fiCZxb0BDlBks1e8jFK7p6GCQtcJUXsEz9zndQ7-KyaT7kCCoRXFAP4oIWRSajJXaH4rMQcuxriMTqXVOco6AU4IhEZT9YFvlhRfRThFl0qdnV-uRpUNfN8NsJCwbi8V-MXqc1lvwtPJ-vYiFDIImn34R9nhG2jfTLMFT4NrbqPe9kYqxfBIt0YKUfIibx7eh&sai=AMfl-YQyz1ra78WFyE2TyAb6FMTCEmDRXZnLYu7RkBw9Ku8fRWHmdbQ2UrM0B4O0DhvYB1DZMXOQ8cRZrVKXjMXtMT3RY_PiWdnTNzk8B406RgrAHklXxHZNUVk4FNY9zuYg&sig=Cg0ArKJSzDVZAVCwuPs0EAE&urlfix=1&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2 200 unit.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame 118F 17 KB
4 KB 22ms
21ms Script
application/javascript 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb10251d6a59a6063ff281464dd9aac4b7cec8136158cca1283250f68712c71

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:47 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"683e910c68af42b6090fa1e942b9a82b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-id: 5pOeGQJTekaSX4G-AA0I1zFXyX4_IUHfl0XJHYFrUjfwohMxCi-RSA==

GET
DATA 200
OK truncated
/ Frame 118F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d708e0dc50c60616a0ac694cc095518e3aa9a133a7d73f1127c1f8717f3b2db

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F165 0
0 18ms
17ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKI-zcwXvS3Lu5PICsjX93LY6JnsQGM03ELKsnHCKOAds30imhys-5VvKBsozpfiWesQbVJxNCMhA8R59PxYp3KQXMpnGxBBzQTsq57_TUo4RGGfr3xnQvntVv3CvDIK87cTq5HX-C50B4knW2uFiUe_EeKWK4iGUm14qg2S0tIpNJ4eZIGD8fo2JZhduzWubB894Sh0Kqc_inim1_LotmZQlzlgNGpjb33TckBsf6DBPAaicXj5dVBln9FKOYzOLuJfr_Xi63W3tePp1tvWLZkgHvrwOqBLc-P3OmB_z6cz9szSwJ&sai=AMfl-YQVmh9S571qB4Jn2k1Srd5Q3telnMopjubqXCR91HJeqw5ugB8--oR-MeeymfHJgTjsDsapd-C9jiP2r_Dkte0i7pqyvTQlj0jOg6JQ6OIJdEUwjZ5l5FjvlmwlOZU5&sig=Cg0ArKJSzGFx8qzXvZd-EAE&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
17ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=EWSCRIPPSDFP1&hp=1&wf=1&pxm=3&vb=13&cm=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1618910027833&de=525496044182&m=0&ar=e4967b0-clean&iw=fb159f6&q=5&cb=0&ym=0&cu=1618910027833&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4753959316%3A2845107808%3A5672689199%3A138347130523&zMoatPS=above%201&zMoatPT=landing%20false&zMoatJS=-&zMoatMMV=60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=safe&zMoatMMV_MAX=60&zMoatMGV_MAX=50&dfpSlotId=-&zMoatCURL=koaa.com&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&ii=4&bo=21815357024&bd=21817428238&gw=ewscrippsdfp76939516016&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A452%3A452%3A0%3A424&iq=60&tt=50&tu=1&tp=safe&fs=189983&na=1508719374&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 118F 42 B
132 B 632ms
157ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=838651&referer=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F165 0
0 35ms
19ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkKkO8cdSV3J2F-X3XvQ2WTSh5ExSgEzIzKODx0Pnxl2zs1T-9XGBaDM7cC9YjrPPikHA8oJ5Hz8YJNAEWdg9LYZVO7CIkCaLiWj_khAHR536XmfyDYYP8aQ2puJdr3DrLbSjigHdAJfBSqTO242NMo78yqzDQFQ4xsehXrepa9Y-NH1yD5ZTb8mDeKUSLKDzvb97gF5FRAdtJ5di00iPdf1FNCNNlQ383JhF19Sea0GmWEEcfEajfkzHthoKjYLI8CB25hgvpJW_8lrBXGCiqj9xguML_fGuRNAwOGuIELJO9KiODw-I&sai=AMfl-YT2jT8SfU-4PwHE0JB2acb3zjxeD5CplFjbuibhofnsPDxQ5H1KQAPgNJu7ZFR2hSVhGDM6ecLiJbZ55z_hvk5Jk2ywgGsh8CCeDRhuRqv12vjC3vCKtRSVMK2QmMd3&sig=Cg0ArKJSzGLAj2NujcfiEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Apr 2021 09:13:47 GMT

GET
DATA 200
OK truncated
/ Frame F165 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119679dc965803b69e2ab62236c0751a6e84588c981f5527369f337dd9188e36

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame F165 42 B
132 B 526ms
161ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=439396&referer=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK now Show response
www.tickcounter.com/ajax/ Frame 13FE 13 B
392 B 107ms
107ms XHR
text/html 35.173.69.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tickcounter.com/ajax/now

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.29.2/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.173.69.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-69-207.compute-1.amazonaws.com

Software

PythonAnywhere /

Resource Hash

c1636869499b6703f251bd9d1bb9a6caff9cd7c26a09616971b9237d3472f36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.tickcounter.com/widget/countdown/1335240
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
Referrer-Policy: same-origin
Server: PythonAnywhere
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
Connection: keep-alive
X-Clacks-Overhead: GNU Terry Pratchett
Content-Length: 13
X-Content-Type-Options: nosniff
Expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 9FBC 32 KB
11 KB 12ms
11ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 334
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: Bu46w3nRZWfXoJwVcXUfpwFT8omtAwtsd//k6j2+4KlsQaN0f2p7WRsRgOPiiZeQLH80czEvbV0=
X-Served-By: cache-fra19138-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1618910028.123884,VS0,VE0
Date: Tue, 20 Apr 2021 09:13:48 GMT
Vary: Accept-Encoding
x-amz-request-id: J133T9GDSSE517JR
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 5

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3B46 478 B
322 B 25ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlost_fuWArRG6vMOaBZpE8WD2jvSNf6tZ_eAVx9U_Z8lEu32IDgORm0yVnKDY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Apr 2021 09:13:48 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9FBC 57 KB
23 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNH2sGZZOr_04rBSTl3A5t0cGX65kdYiZKVAgYyD6NLeP2RHr-Q39UTGH2WLMB4LrGfGD5mq4ZgfN0wyTPhzGaHQE4_gROKKxGVV61rPKCr-z3_FamffGDEuUtADgX7QsX7I6SXKMzzNlNeXPxOhXqNYRZQ&dbm_d=AKAmf-AM9-4fb8vvyiKnZEhXFt44yx6-WwmBXUrJX2Xk3gV01Oocko76LksR1L4vMfOi4XP4kuXhBTh1v5qXbjj2xDUS8MUyv1v3QUcrCpmI8YFOQ6rLOIiScIhMEJDOS4LcdXUwfvPzvrkWT4Pu8JGoM5ij2S2ajdBNAo-rjDlotI2erX-BrCVjUx8M5sNgsw_D8BN5kUmsG0auo2jg3pKgIc1dLjIYDS0Yyz2s8IIMYxTpmF95Nss8FkpzsEU-4arg9Da2NHRW9Ax6K9FdkJdWLmAjAHW538-9d28aBR3FYhuW2j2gC_w0wzWt802mioPMueeDVABxmxOYDUziQwJNiaiNAobHHZI9X0xosFFL8ZScthKkDKK7-_Pm-M7UTZpPdURxzlX-T4g672ot9WJ4PcgzKz85KeBNJO-VrPEclIc-IeuuBBMoHMqUA-W3tJKi5IIRxctHCJew_QfZ5z26brEwn12-MZuHyOwaH7ZNIOXXF_-oTiOxUw8nOz0r5hvlnZtM78OI58DsxCe9fA2Wm5od_LPOMvR1qrVXIOyexOwbQorCX_K05utzq7BwoYsjX_lztxkZAHTEcGpZH0lWDGxtSTR63vYECwBrYg0iWHr9kxRD2zEfv57YEK2breqhICP__eZHeNmEKvWXfiEUCYC1GzEhqDz65HOvc7G9FH-N_NT7xeSueWRW4ULb7wvFyaOxEqKWHuan0lpayMfpbkLyQma1lU6T0A-C_GUV5_e7TEGlJ3UtyQfSXhJlu3-5BrkWATNx2BpG2I0bCK0qkqa1zzjxKOt6bhtpv6zjnTn015kzJZfpMToa8bQJmu8_S2AqjIw7U0q-IaE4aoPMy8iCJTOaVwGqboS5_O24Iz4_cTqy29JVsfrefR32cCD5DCS4dAv_ffu2_5BSrndOt2Gln5FPsUyNQBK2kdElXmiDGoA84jdcqCASqv_9WGKOnIH4EDhTcQDoVNWODOma_WkCzEy_kmp0CRxFlAmQz-7wOTyn83FNrgRtpF92BOGe9IrD_W2ttnjyAjZ1VjfzeFYdUBJkq9DjHAxUotpX4LrZpkvepNQdvDtgZPS1KdwS1KIiqvG_EDfX6x1CSUcuht8plmr8yif5eJuQmZzuwL-H0FnzhAxlqqvbtq6pGsmL4EjmnGD_tXJAEeElW35ASC2Amq7crYEE0vv4Y_8fIMUimIGsE308cQpAG9REixSI_SYv8QbKCgwTPkwuB8e74jtTERzLU9MbI6lLhPgWstDhjue1nRrGpDHCOzmEBjkmmAqDTITlostrt8Y1ORIQSLwwpz6h2g5wU_sX95mJazsGVlN7c60nVx-gK9uj7LfVmzvga8wlslFs6uibhdGvn6mh-Qmheztufvwojzs_0EGMOpnxugz2zgFEwrfEXe1GJAgwXDDBOba0CxlqayTCkJv6rC80APBhKbXGjphNqNbBEq3TCSfMexPW2IALofc_Nc_b_9YgMLOTVCPbF6xuTng2fvQTlKWpZaCAeARxF5p7sRpJnwBScgT7a_ATcaSV5ZQaMO0M76vZVCWoRbk1bk8iB79hl_7hfWLRZGO5P3u2n8AsM_JUxsmOdj7l9BEK6u2C_eKUDaCtks0_8LCRE1jSDXrm6bjVqou610H_D7nhGDxySls-DFWiQ3QcHzF3BfrWKLbvl3cgGNgsHdD1ovBt66CNl7iqyV15dJChyrDbMEabIQyQP1x54B1pi-dIxaj0O9a8ZbbgLfLa5L9RA6LSyyy_hfHQoQxYJToow1HglMlNUUBgLT8J6k9bxQKs9HSiikW3qW97P4AbAd64IWtEzbXva_7-6TeT8nBw4pgeOvAhYo0LxDNnhlRwMBj-5DwVzQLRgcd1EWtiHs9qjowBTyBCz4WVHI1IpUPScP3wlDWxQ7JJD_h2IdLkztudnGc5cHJrb7_jOAE_ZUpSAAkkF7aTGUozvEb5kZUDQ1A-UXCDziftcGgOshWuRVi1YzCNzPbD_tXWsNcDS59risWwe1N1x9zzdRXhNyRf-Z02q55-bllIjUNkq2uTXwdnmWhFNneA3tl5wAxIAEurnI_ltfBGrXEx7T4AZXYxrdct4lRc82ZGk-pBb_RcQMq24O5ky256xbVV-4RDHxZ2gTLbs9DzgW5zdha5z97249vZmfHSIHh2dU0l8dCTpr3QtA-t0vjSw7yyzWjqCuYdFke04uE6-DD0YGjwYYNDmbcsebKP-8Recsngie_JRR0X7ils5HjxWDjvCJdPj9KmFq6quSlXIWjCPyRsRJrQXtu8N3DJYcua8VfHoYz_h72Yk8DMLZp4XrkRJmauuNZq-BEYcX9Vssv7IcAjaETrI3csX9gtlzNykH4OKI7Jum-e1DykLFMkfjdP8dB4DWCQFGZthTvUlf8oOsOtivbEvPM5bmH4pZ6UaBq2mkjumt_GyS9QfQpMeaPnptF3RibmzQuCtxQTaM5Zi-2j5y2NFq-fJ8gi0Gp8kI9Nbw7hr_oghDp7gkGKdJILlAqmtbztzZLrrLUshJXGXN6Ajbytjleh270kq2f9VabBR2C2kz-SWlvOOF3fZCC8r3VuuN31sX1H7XXf08Hgfi8BdsyfNonBH-8yAMYArw2N3O4SOH8GPn7aTf20FW45pEKyrh6OwqqQjUh78UjMvcxHaCEETZl0LdDSOGGNBRAmb8F2xcInwPluxAZQMawuYAnOYrFRfJB4PeLU3liNf1NNopYwO7tgOhfXZ9AcgH_I3W_f1CSCrmNFaKAdHFRMVXwAay62VYlB0vAJ0auaz639U5UMFkAkQChT5WVDEAkkQ3OUvBz3q5QPr3Rc9rkLy7mtHahYmG8fkBjJ6DuE1Eibnqe29MLeSHrG4640xqQN5U52phCs5nimqXQ9f_pu4zk-JG6-C7n4bYBkTeL079gT4-ERaJThVdHMRqphopP0ofXkPpnIgPsmwjzyHkOyIXiRch9_bM0BsGN_WkxgNEw_MoZyFUIyFEC4n1M&cid=CAASPeRoeEUBTlSQiH9-30LxYgj2SoZsKeTormf6zzxCmqLWActJFyj3Wgv82Txb1C1EZQ1NVg11FrnrzgR5hPo&rfl=1%2Chttps%253A%252F%252Fwww.koaa.com%252F%240

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf062384c8d059bdd884e66ece62ef33453a54cd536fede02f34f2b9d732cae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FBC 42 B
173 B 33ms
27ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkPrua3kGyNJTH5-wEVKFwvv6S390eSfL3bkMsyLfD5pN1tmMQk_syjDH6-hcKExM3xQlcCxHl4fO6_vHLC3B-qTdlP3Kkix4ro0rnxvnlwKF8KXs

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9FBC 2 KB
1 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:12:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FBC 118 KB
36 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9FBC 13 KB
5 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:12:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
9ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=2278&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=0&ag=35&an=0&gf=35&gg=0&ix=35&ic=35&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=35&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=69&cd=0&ah=69&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=970366066&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 238B 6 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78862fceb28d06e4cc3de1d931443552a9616c2b8a066393c4f9d6fd0ff68de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:21:46 GMT
server: ESF
date: Tue, 20 Apr 2021 09:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 238B 62 KB
21 KB 19ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

58bdd89b53ded47f1781eb20d8c610546582a41ba0462d610d03a700b389bd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "847 / 919 of 1000 / last-modified: 1618870257"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21085
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H2 200 cool-by-consumable-2.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 238B 6 KB
3 KB 47ms
44ms Image
image/svg+xml 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/cool-by-consumable-2.svg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:02 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"f7152d7a85b77d8f0ddc9786ef9cc0b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-id: G6iAzRn2USIczrlUh_B3rkngoeNtAiUZshXpS90InF_yVCSok4d6nQ==

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 9FBC 111 KB
39 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49695
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 19:25:33 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame 9FBC 8 KB
3 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxNH2sGZZOr_04rBSTl3A5t0cGX65kdYiZKVAgYyD6NLeP2RHr-Q39UTGH2WLMB4LrGfGD5mq4ZgfN0wyTPhzGaHQE4_gROKKxGVV61rPKCr-z3_FamffGDEuUtADgX7QsX7I6SXKMzzNlNeXPxOhXqNYRZQ&dbm_d=AKAmf-AM9-4fb8vvyiKnZEhXFt44yx6-WwmBXUrJX2Xk3gV01Oocko76LksR1L4vMfOi4XP4kuXhBTh1v5qXbjj2xDUS8MUyv1v3QUcrCpmI8YFOQ6rLOIiScIhMEJDOS4LcdXUwfvPzvrkWT4Pu8JGoM5ij2S2ajdBNAo-rjDlotI2erX-BrCVjUx8M5sNgsw_D8BN5kUmsG0auo2jg3pKgIc1dLjIYDS0Yyz2s8IIMYxTpmF95Nss8FkpzsEU-4arg9Da2NHRW9Ax6K9FdkJdWLmAjAHW538-9d28aBR3FYhuW2j2gC_w0wzWt802mioPMueeDVABxmxOYDUziQwJNiaiNAobHHZI9X0xosFFL8ZScthKkDKK7-_Pm-M7UTZpPdURxzlX-T4g672ot9WJ4PcgzKz85KeBNJO-VrPEclIc-IeuuBBMoHMqUA-W3tJKi5IIRxctHCJew_QfZ5z26brEwn12-MZuHyOwaH7ZNIOXXF_-oTiOxUw8nOz0r5hvlnZtM78OI58DsxCe9fA2Wm5od_LPOMvR1qrVXIOyexOwbQorCX_K05utzq7BwoYsjX_lztxkZAHTEcGpZH0lWDGxtSTR63vYECwBrYg0iWHr9kxRD2zEfv57YEK2breqhICP__eZHeNmEKvWXfiEUCYC1GzEhqDz65HOvc7G9FH-N_NT7xeSueWRW4ULb7wvFyaOxEqKWHuan0lpayMfpbkLyQma1lU6T0A-C_GUV5_e7TEGlJ3UtyQfSXhJlu3-5BrkWATNx2BpG2I0bCK0qkqa1zzjxKOt6bhtpv6zjnTn015kzJZfpMToa8bQJmu8_S2AqjIw7U0q-IaE4aoPMy8iCJTOaVwGqboS5_O24Iz4_cTqy29JVsfrefR32cCD5DCS4dAv_ffu2_5BSrndOt2Gln5FPsUyNQBK2kdElXmiDGoA84jdcqCASqv_9WGKOnIH4EDhTcQDoVNWODOma_WkCzEy_kmp0CRxFlAmQz-7wOTyn83FNrgRtpF92BOGe9IrD_W2ttnjyAjZ1VjfzeFYdUBJkq9DjHAxUotpX4LrZpkvepNQdvDtgZPS1KdwS1KIiqvG_EDfX6x1CSUcuht8plmr8yif5eJuQmZzuwL-H0FnzhAxlqqvbtq6pGsmL4EjmnGD_tXJAEeElW35ASC2Amq7crYEE0vv4Y_8fIMUimIGsE308cQpAG9REixSI_SYv8QbKCgwTPkwuB8e74jtTERzLU9MbI6lLhPgWstDhjue1nRrGpDHCOzmEBjkmmAqDTITlostrt8Y1ORIQSLwwpz6h2g5wU_sX95mJazsGVlN7c60nVx-gK9uj7LfVmzvga8wlslFs6uibhdGvn6mh-Qmheztufvwojzs_0EGMOpnxugz2zgFEwrfEXe1GJAgwXDDBOba0CxlqayTCkJv6rC80APBhKbXGjphNqNbBEq3TCSfMexPW2IALofc_Nc_b_9YgMLOTVCPbF6xuTng2fvQTlKWpZaCAeARxF5p7sRpJnwBScgT7a_ATcaSV5ZQaMO0M76vZVCWoRbk1bk8iB79hl_7hfWLRZGO5P3u2n8AsM_JUxsmOdj7l9BEK6u2C_eKUDaCtks0_8LCRE1jSDXrm6bjVqou610H_D7nhGDxySls-DFWiQ3QcHzF3BfrWKLbvl3cgGNgsHdD1ovBt66CNl7iqyV15dJChyrDbMEabIQyQP1x54B1pi-dIxaj0O9a8ZbbgLfLa5L9RA6LSyyy_hfHQoQxYJToow1HglMlNUUBgLT8J6k9bxQKs9HSiikW3qW97P4AbAd64IWtEzbXva_7-6TeT8nBw4pgeOvAhYo0LxDNnhlRwMBj-5DwVzQLRgcd1EWtiHs9qjowBTyBCz4WVHI1IpUPScP3wlDWxQ7JJD_h2IdLkztudnGc5cHJrb7_jOAE_ZUpSAAkkF7aTGUozvEb5kZUDQ1A-UXCDziftcGgOshWuRVi1YzCNzPbD_tXWsNcDS59risWwe1N1x9zzdRXhNyRf-Z02q55-bllIjUNkq2uTXwdnmWhFNneA3tl5wAxIAEurnI_ltfBGrXEx7T4AZXYxrdct4lRc82ZGk-pBb_RcQMq24O5ky256xbVV-4RDHxZ2gTLbs9DzgW5zdha5z97249vZmfHSIHh2dU0l8dCTpr3QtA-t0vjSw7yyzWjqCuYdFke04uE6-DD0YGjwYYNDmbcsebKP-8Recsngie_JRR0X7ils5HjxWDjvCJdPj9KmFq6quSlXIWjCPyRsRJrQXtu8N3DJYcua8VfHoYz_h72Yk8DMLZp4XrkRJmauuNZq-BEYcX9Vssv7IcAjaETrI3csX9gtlzNykH4OKI7Jum-e1DykLFMkfjdP8dB4DWCQFGZthTvUlf8oOsOtivbEvPM5bmH4pZ6UaBq2mkjumt_GyS9QfQpMeaPnptF3RibmzQuCtxQTaM5Zi-2j5y2NFq-fJ8gi0Gp8kI9Nbw7hr_oghDp7gkGKdJILlAqmtbztzZLrrLUshJXGXN6Ajbytjleh270kq2f9VabBR2C2kz-SWlvOOF3fZCC8r3VuuN31sX1H7XXf08Hgfi8BdsyfNonBH-8yAMYArw2N3O4SOH8GPn7aTf20FW45pEKyrh6OwqqQjUh78UjMvcxHaCEETZl0LdDSOGGNBRAmb8F2xcInwPluxAZQMawuYAnOYrFRfJB4PeLU3liNf1NNopYwO7tgOhfXZ9AcgH_I3W_f1CSCrmNFaKAdHFRMVXwAay62VYlB0vAJ0auaz639U5UMFkAkQChT5WVDEAkkQ3OUvBz3q5QPr3Rc9rkLy7mtHahYmG8fkBjJ6DuE1Eibnqe29MLeSHrG4640xqQN5U52phCs5nimqXQ9f_pu4zk-JG6-C7n4bYBkTeL079gT4-ERaJThVdHMRqphopP0ofXkPpnIgPsmwjzyHkOyIXiRch9_bM0BsGN_WkxgNEw_MoZyFUIyFEC4n1M&cid=CAASPeRoeEUBTlSQiH9-30LxYgj2SoZsKeTormf6zzxCmqLWActJFyj3Wgv82Txb1C1EZQ1NVg11FrnrzgR5hPo&rfl=1%2Chttps%253A%252F%252Fwww.koaa.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:08 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 9FBC 21 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0
server: cafe
etag: 15267579076523134137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:09:53 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3B46 170 B
243 B 2509ms
24ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1

43 B
1014 B

26ms
12ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Apr 2021 09:13:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3B46
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YH6bS82JOoztvXnv4ZUfhAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1

43 B
1014 B

19ms
18ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNa5uqABMAE&v=APEucNWSgGSwmYIKjIhTHlGeWEWU0b8UP45sl9nafWNiiSs0PJOfKb5D0oZWT_HXuGQVwliMoe8jvB5Q6mdingPYyNRomGVzVD23AoZw5YToU3I4jg2iZ_UHZqG8hLo2RXciMRDNpaeQ0yXiwyz2pkIIbA7_PdpW-GbBQFu8e7Q5vbu4r566cwfa7IICBMfvbiPRUAw4EpX1WE-dKe0niwn8FUE0MfXh0w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Apr 2021 09:13:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBTjjR7rosx8xK4O766Rz0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 brid.min.js Show response
services.brid.tv/player/build/ Frame 238B 462 KB
111 KB 1086ms
14ms Script
application/javascript 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aad225f19a6d1133bc3f1a926c70a022d35a973ff2375e2212ab9eea9338f38a

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:41 GMT
content-encoding: br
last-modified: Mon, 19 Apr 2021 10:20:39 GMT
server: AmazonS3
age: 1920
etag: W/"9f42d2d9acbe07d7938389ab27265c64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: mrPsz0tuGp7cV-FqrZQBEswmGVwIlKF7gG_8-EWmA6PSSUS3alu8DA==

GET
H3-29 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 238B 299 KB
105 KB 16ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FBC 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 13:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70095
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Apr 2022 13:45:33 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 9FBC 47 KB
16 KB 7ms
6ms XHR
application/javascript 2600:9000:2057:5c00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5c00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2029b43811b3fc809323aeedc380d77e061fa58d500fed32e174d1b7f046c817

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:00:14 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 4414
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: *
x-amz-cf-id: cg8MWF-9t_w4VT2pI8wFgcxEMMewF7PIXj6by3vhb_DUje9IMXH2vw==
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 9FBC 42 B
133 B 172ms
115ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=424551&referer=https://www.koaa.com/
Requested by: Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 9FBC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e46728896fd2a8bba0e49636f3aa9b57579898539566035195f9b065137fd846

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9FBC 7 KB
3 KB 29ms
11ms Script
application/javascript 2a02:26f0:7100:1aa::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=21544354&cmp=25428490&sid=4115836&plc=298689885&num=&adid=&advid=10679125&adsrv=1&btreg=491565386&btadsrv=doubleclick&crt=148402176&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 07:21:30 GMT
Server: Microsoft-IIS/10.0
ETag: "0f96cafe30d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-29 200 index.html Show response
s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/ Frame 825F 7 KB
2 KB 15ms
12ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a371368f6d286cf7a9b2948f9b4aeab8eda077d5a5a86ee785bade5d3dc08d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10679125/1616794543898/FSLY_RNC_728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2249
date: Mon, 19 Apr 2021 13:59:04 GMT
expires: Tue, 20 Apr 2021 13:59:04 GMT
last-modified: Fri, 26 Mar 2021 21:35:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 69284
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FBC 0
211 B 26ms
24ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6tiax5dpioIO7Bch7LkXrzUzc2eO75QncZgzhZBlt50fcr_fuxIL95J_9hL4suZRXcgmNJDmWo3xwf2COQ7QS9q424sODQkKYJD3DRoSeKskZRn0HtdjI8cjczGA8ABuGq3cWDOGSTBXM2mPZMFKkMySTbYa-7fomlsnhT5Q80vaHKgRVVlMYfrH0-IMO_oDn-BHLlYXTpl40UnYFP8AsisGGpTvc9aaWBK847UUOoInFKGT9ZQiGXqBZvhk0vrDXITrhfV8mRepWG51gh6ric7caUcTVO3bPtaJ4ZyJNVYvfSGRlcGBhWIdW3JTeHOAE-FZA56tWoNktXrQXafkV7ya53SmI6Iv5v96EP2rVaJBzitGDxbcMrJkam_JKEfwXcS_87P4s19J0IDo2dAFzbBYKDIslxDJzmwLVHnb8YIyTAd4vVJ4hFkTRrqzEy6Fz4zrHRde-CNrrBH9vZWMflpdGq8nr8dt-rizhks48rwyDG8TnmmLxqZF7Rq0qLj6qgKNVbGL8IbyhyHdF7_et-L07vKEONkRe06IRBI1cOozP8hDoujWn7A_VLMBtkdBkwQYVBVXUIXiHXQaZofE_Tn0gtJPUHvGlbPQhbOL4yL3K-LdAUsza6Ocvo26tsG377iBwRJLi9e_JlCaAROIhCyT8lx0xdzOejv5hjJWytB3vDk7jN-zipig7cH5N_zzZysIBOEiUWW8AwPHst-RS3WzMGCVFDhO76Vur9v46q0WTCCyXs_nlAArig203vX7MGQ5GWokLkFxh3L4YItQbJeijIojdiPCEV-7UMRfb0GoqLM2YsDsOFIjOzZRc9N-MzTlSqvX8NIKvA3_R4lG87iRYJjbfO0xNKViy35m-tlYV0yf2ZzIilIeRyGRY2arWj3fqJSupn-2W8yy46H02kQ7qey7u0mplj7Mnxr7Woe__VSO7NdKEN441SHbnTeG_hTwx85AlmwwySaBZ8cLKL2RAOdQ8Am3hRJwCXITsbFFH1XzFGoe9cxpTKnUB4XQ2o9vMfsH9tbSIIuSji1nE3OF0OFxhjSuE4Vc4XVjoYdre0qakNntseZY5olsB_qgZ0bO-wpgNuPxAvqD21bdfpBth_xEZXc0cO91NAD24r-b86JbsrLGmF1GXRJwBTj7tXIzw-jNmlD-opOWXuyWytT6vd4xMx1nz&sai=AMfl-YTcf9xNMV0BiCnIEjGYYcVi3epTRuZyYh9DRsQqkbXfjE0u6riEgalZjqt-PJm-0GxQIStnaq5S1stkQd4a-nQqUlYniqVANrtJTBMBlJItNKbFk44U294JJ2ykq5U2wAlp4o0tUQqobfctNXesycpy6wcNLFT4YaW8-zCcEyZl9maUUvukhMYzS385Xxh275u-Hh-qto_DlXp7eKHwzgqJE-127FaAiOJLfDkKSQ&sig=Cg0ArKJSzDA2P9qe22NPEAE&urlfix=1&omid=0&rm=1&ctpt=228&cbvp=1&cstd=225&cisv=r20210415.99753&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 20 Apr 2021 09:13:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 log.gif
includemodal.com/static/ Frame 9FBC 42 B
199 B 110ms
110ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=35b5f8b1-1697-4993-bf5b-3bdf83e4e50f&url=https://www.fastly.com/web-app-and-api-security-youll-actually-use%3Futm_campaign%255Cx3dFY21Q2_EU_Integrated-Security%255Cx26utm_source%255Cx3daxm%255Cx26utm_medium%255Cx3ddisplay%255Cx26utm_content%255Cx3drunningcircles-en%2527%3D&o=https://www.koaa.com/
Requested by: Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15572488966817962306&i=EWSCRIPPSDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&ii=4&cm=11&f=0&j=&t=1618910027833&de=525496044182&cu=1618910027833&m=842&ar=e4967b0-clean&iw=fb159f6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11641&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=218&cd=0&ah=218&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4753959316%3A2845107808%3A5672689199%3A138347130523&bo=21815357024&bd=21817428238&gw=ewscrippsdfp76939516016&zMoatPS=above%201&zMoatPT=landing%20false&zMoatJS=3%3A-&zMoatMMV=60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=safe&zMoatMMV_MAX=60&zMoatMGV_MAX=50&dfpSlotId=MAD_RIGHT_RAIL&zMoatCURL=koaa.com&zMoatDev=Desktop&zMoatDfpSlotId=MAD_RIGHT_RAIL&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&tz=MAD_RIGHT_RAIL&iq=60&tt=50&tu=1&tp=safe&tc=0&fs=189983&na=993243257&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 238B 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 238B 107 B
122 B 24ms
18ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 238B 8 KB
4 KB 54ms
53ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3810694879637213&correlator=2594613527289655&output=ldjh&impl=fifs&eid=31060313&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=133810016%2CCompanion_units%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d-companion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3Daf899af045d771c8-2229ed42ebc70067%3AT%3D1618910027%3AS%3DALNI_MYIXmZyx5Zw0YohUdicjmdUM2KoWQ&cdm=www.koaa.com&bc=31&abxe=1&lmt=1618910028&dt=1618910028744&dlt=1618910028201&idt=528&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=985&adys=1305&adks=1279007740&ucis=udx5ajnd2vbt&ifi=1&ifk=2753638308&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.koaa.com%2F&top=https%3A%2F%2Fwww.koaa.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1167023218.1618910029&ga_sid=1618910029&ga_hid=946945391&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4fb112cfb11172b08332d18d43ded494923882c833e0769a9e6bc77f2c9d09de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4301
x-xss-protection: 0
google-lineitem-id: 5345365560
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308527878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 238B 0
0 36ms
18ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 238B 0
0 7ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8FFA 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Apr 2021 19:27:31 GMT
expires: Tue, 19 Apr 2022 19:27:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49577
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements1165.js Show response
cdn.doubleverify.com/ Frame F756 476 KB
86 KB 8ms
8ms Script
application/javascript 2a02:26f0:7100:1aa::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1165.js
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 12:00:54 GMT
Server: Microsoft-IIS/10.0
ETag: "01ff4555c25d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87677

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1719 0
0 18ms
17ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZYpvQwWQ_rLt5mA5NiUlFf-Tocx5ItX2JzQybj6SsWm9XJ3ZgzSXw_A8YgK_k19I7LDjdHZIqN2r-dLc2Ot3S1HnvuiWaLSXA4vGoTY3J8AfiIJGep-QsE-A8dOyWp1Fl8sjcvk1zSCIZBluVylJkgTZ3dDekLrR7DQJSQ-sZbLmGYF0In4K0zFEjgHhXWh-Hl7J8EJk8ErALNLJk2oqtT02n7TuibBHwceyJq-iKLHigl2caPwsVmrm_OWG1ivX8TuXfyHLLN34-CIDI8104u-hByRAd8anH-AZnARzW_SwFf7RXujSjWZXPEl__PglVJlwQJLDQCoHPZxvIImD1Ek_Ji9kvo7PSRSy7bLcEVguyLql8JnDYy_s&sig=Cg0ArKJSzNaByB0B8NzbEAE&urlfix=1&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 unit.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame 1719 12 KB
4 KB 43ms
42ms Script
application/javascript 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1618910028833
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdfbb21f12a4e5f7f13435ba02d698426da4b51c2eddca3f98e7ce0cb4b481e

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 23:01:02 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"495e67aa4c6f3d5ba8107bfbc24a0dd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-id: z2XspEp98JPFSCFwMshuABwB17oyegYQi5YC3kO4oj78UAC4NuwkFg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1719 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 238B 73 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 825F 186 KB
48 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 09:13:48 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 825F 186 KB
48 KB 56ms
22ms Script
text/javascript 2a02:26f0:6c00::210:ba18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 49344
expires: Tue, 20 Apr 2021 09:28:48 GMT

GET
H3-29 200 FSLY_RNC_728x90.js Show response
s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/ Frame 825F 68 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/FSLY_RNC_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96a373018f6dd494f2452b541b7fefb5e325a6013acfae3821882a51ea528c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 05:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15746
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 21:35:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 21 Apr 2021 05:52:49 GMT

GET
DATA 200
OK truncated
/ Frame 1719 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44b26417381d2bf64ad905bcdb41f754fea8a9f9f0da71543545e62ffb39bd6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FFA 14 KB
6 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 82837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 10:13:11 GMT

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame 09BB 12 KB
4 KB 8ms
7ms Document
text/html 2a02:26f0:7100:1aa::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Tue, 20 Apr 2021 09:13:48 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame F756 1 KB
1 KB 37ms
12ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C%4022%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%4022%5D4%40%3ETar9EEADTbpTauTauh525af%60547437_b3%60a34f_d344cdgdfg%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=875&ddur=31&uid=1618910028957331&jsCallback=dvCallback_1618910028957637&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1165&tgjsver=1165&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=217&noc=16&ctx=21544354&cmp=25428490&sid=4115836&plc=298689885&crt=148402176&btreg=491565386&btadsrv=doubleclick&adsrv=1&advid=10679125&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=2729111678.27308&dvp_tukv=1520689140.3243532&dvp_uuid=79641571329.27559&dvp_strhd=0.7300004363059998&dvpx_strhd=0.7300004363059998&dvp_tuid=359079891222&dvp_vcms=56&dvp_slmsd=116&dvp_vcmsd=172
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: dad57adb77b749ec89a8214c67113c2da5080669f13ef0b2acecb114f016a052

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 4/19/2021 9:13:48 AM

GET
H3-29 404 FAST2008_Sec_RunInCircles_728x90Ad1.jpg
s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/ Frame 825F 43 B
61 B 8ms
8ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/FAST2008_Sec_RunInCircles_728x90Ad1.jpg?1615705170014

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:32 GMT
x-content-type-options: nosniff
server: sffe
age: 737
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:16:32 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FBC 0
23 B 18ms
18ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1719 0
0 32ms
17ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkDb_miJInFA2noRdzKbYsldAT26zi5pfqfYzli3G3JReba_5P9s__IjDkg4G12qPa4tsIP2820KAGkSur--Fe7d2a2oww-M_nwbITuW6jsjsYXZF-TaY4sz1n3p7NGaaBdr8X5JtDz7rJoNQYtfE_-38bjbCxlpI8mSkBIdXVsckGaDHaob-VXGuoNg7xggTHAzHjus2P-TsS1ylvpakifGzONDmnIGTzEIwYIxLva-ztVKizDhud6kHynzZy3YjgBSeeXdZEFJQBerE-gc9ELQfuSKW0WIoR4GDuq0dlfATPEWGq0YsgfOUyu1cOs5BwXldCDqeJX5-1ZMxQFsZ7q8teiyECV-7V4OWsTQx6gUE1fwfZ6frHw2MkoA&sig=Cg0ArKJSzMIju7hZXV_IEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DA25 62 KB
21 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1618910028833

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58bdd89b53ded47f1781eb20d8c610546582a41ba0462d610d03a700b389bd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "847 / 584 of 1000 / last-modified: 1618870257"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21085
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ Frame DA25 142 KB
42 KB 1049ms
7ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4925165c70b3264de4eb9fcb82c4e25329fd65e6ee1b1fcc336af0e72d011b58

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:50 GMT
Via: 1.1 varnish
Server: nginx
Age: 71
X-Served-By: cache-hhn4053-HHN
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1618910030.155553,VS0,VE0
Content-Length: 42289
X-Cache-Hits: 67

GET
H2 200 iframe.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame DA25 259 KB
82 KB 26ms
24ms Script
application/javascript 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1618910028833
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b44784210dc4d49e0011783bbee473ab4582b284ad092a49b8d113ea9c28158

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 23:01:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"4d4fc655a55cef6d5a1be96f9785fe8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-id: 6zlyTTNGC3k6qvZCj-knkAmw7KSUPvYv3iLKuCm1X_qWpUCZrp0_tg==

GET
H3-29 404 FAST2008_Sec_RunInCircles_728x90Ad2.jpg
s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/ Frame 825F 43 B
61 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/FAST2008_Sec_RunInCircles_728x90Ad2.jpg?1615705170014

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:33 GMT
x-content-type-options: nosniff
server: sffe
age: 736
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:16:33 GMT

GET
H3-29 404 FAST2008_Sec_RunInCircles_728x90Ad.jpg
s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/ Frame 825F 43 B
61 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/images/FAST2008_Sec_RunInCircles_728x90Ad.jpg?1615705170014

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794543898/FSLY_RNC_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:34 GMT
x-content-type-options: nosniff
server: sffe
age: 735
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:16:34 GMT

GET
H3-29 200 pubads_impl_2021041501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DA25 299 KB
105 KB 15ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 08:41:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107555
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=3383&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=1147&an=35&gi=1&gf=1147&gg=35&ix=1147&ic=1147&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1147&bx=35&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=952&cd=69&ah=952&am=69&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=607990485&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H2 200 action.json Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/ Frame DA25 2 B
454 B 697ms
415ms XHR
application/json 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/action.json?ac=IMPRESSION&fp=&ts=1618910029256&tba=0&et=0&furl=&dd=0&vi=true&vd=0&sid=3d1a3dc4-b01e-4bc0-808e-86ffb6c43812&cb=1618910029256&hr=https%3A%2F%2Fwww.koaa.com%2F&hn=www.koaa.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:50 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 23:01:02 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 0mI6toZFY5bmb9gd2cUKmTh5OvZ-Tu5f-hqUN9q8kV5MPQNDnJc6wg==

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame DA25 16 B
166 B 101ms
101ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.koaa.com
date: Tue, 20 Apr 2021 09:13:49 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=3384&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=1147&an=1147&gi=1&gf=1147&gg=1147&ix=1147&ic=1147&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1147&bx=1147&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=952&cd=952&ah=952&am=952&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=771848097&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
9ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=3385&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=1147&an=1147&gi=1&gf=1147&gg=1147&ix=1147&ic=1147&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1147&bx=1147&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=952&cd=952&ah=952&am=952&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=84694879&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FBC 42 B
64 B 38ms
34ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnhvmIzlJUeitt5Dv49oW_KsptMLWTXwVYkHr2XHELdSfMGE7FHo7ZdJRs8TX8Qb0ge2U47zcdiVsuhGd-bkAFJILO5AjjZhwh_fGVU8J7NjCPYuP1juVm7l7k2A&sai=AMfl-YQ8kn1dVqe8e9_RE3cyDvuxDxj0_Lv9r1nBCLvyOQ_NXuaTSBNyEGabn6lumIfSFi0HyB1xyyiYhITZRzAcVujsVx5BkXXA2zSxSDTfKuZmX9DGevfbPOH74FT0xYLC&sig=Cg0ArKJSzNkDnduO9FTBEAE&cid=CAASPeRoeEUBTlSQiH9-30LxYgj2SoZsKeTormf6zzxCmqLWActJFyj3Wgv82Txb1C1EZQ1NVg11FrnrzgR5hPo&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2548522331&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1618910027604&dlt=128&rpt=750&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adunit.js Show response
services.brid.tv/player/build/plugins/ Frame 238B 30 B
419 B 14ms
13ms Script
application/javascript 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/plugins/adunit.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:55:28 GMT
content-encoding: gzip
last-modified: Wed, 06 Jun 2018 07:10:50 GMT
server: AmazonS3
age: 4702
etag: "00472f99064e3d4328bd208da8c0b958"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 50
x-amz-cf-id: D1c4iB8YSzqsX8rkw_5Ux5fhbe6xs6oJXbYFqhR2etuZjPiBQRf29w==

GET
H2 200 consumable.min.js Show response
services.brid.tv/custom/ Frame 238B 2 KB
2 KB 14ms
13ms Script
application/javascript 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/custom/consumable.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c41dae510b615df483a29bd00ef9d1224409a7dd96990f85bb78818335b0a475

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 06:54:59 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 10:36:41 GMT
server: AmazonS3
age: 8355
etag: "c1784798a0773aaeaf0b091994cd25bb"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1923
x-amz-cf-id: k-2obzCVmEoWbcV6cKp12546PKEFCLIsvOOCIzKxZyizta0rlG5uhQ==

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame DA25 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame DA25 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA25 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

448b56c48cc31120d24af77157d2b0e6a7599a1ed16f285903b8ea9ab0864eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6594
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DA25 34 KB
13 KB 264ms
263ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3005053849618455&correlator=1234809984878289&output=ldjh&impl=fifs&eid=31060788%2C31060843%2C21068030%2C31060736&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210420&iu_parts=133810016%2CScripps%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=rfsh%3D1%26invw%3Dtrue%26rfshtime%3D5&eri=1&cookie=ID%3Daf899af045d771c8%3AT%3D1618910027%3AS%3DALNI_MYrBoVN1STsnTZaMY_k9gWgldxJDw&cdm=www.koaa.com&bc=31&abxe=1&lmt=1618910029&dt=1618910029441&dlt=1618910029102&idt=219&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=985&adys=1305&adks=1744008382&ucis=qheuvtgkypjq&ifi=1&ifk=1443567447&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fwww.koaa.com%2F&top=https%3A%2F%2Fwww.koaa.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=20278000.1618910029&ga_sid=1618910029&ga_hid=841465634&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c266c66c191d269c13a0925d0b50f3e2ac7362be9c0ddaef4c914900660a5b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12888
x-xss-protection: 0
google-lineitem-id: 4538451035
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138222539677
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA25 0
0 28ms
13ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame DA25 0
0 7ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 iframe.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame 238B 384 KB
120 KB 22ms
22ms Script
application/javascript 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31aff64d0957bacb78a34911b9e8318b0c6d506429ee72bf7d07ae06e691a5d3

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:00 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"d375c4ca9f74c88d3e472a52a920d8e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-id: IPSEjSCUcPSKIvm1go3eecLu57oo1Zp24wQP7hwCxVeC-1ikgNj1zg==

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA25 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFA 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcsPNTJt-YMqdCcqK7_UPpNehiAMAAAAAOAHgBAI&bg=!QUKlQgbNAAZUuIlwVLg7ACkAdvg8WtgfusspjgmOjqiJfKd2Fe1uDY3aALoSNJp1kyQqQ1nYT0mgqQIAAAF3UgAAAA5oAQcKAL5GtfNuyyFK6FpKcz0ENT7Fd9xKU8wWt7_pqj7xoLS7rAcTRBHxq8qrlnOrsybcQsgkQ9w2e_jTGBj5MEuTXW2DxFD-0MCj4l2dVGK2ROEdVqMi9wdr5XyaDkompl-l38pzwcNhzf3S7fufIU2cIJSslT4aGcEC0SJPEsJ7ZYlwVIfjjsfUZlYqL_S2CvoKVzLEy-S7RCgm0HOfs07Ua2tva6W2XOZ-R_46XUA_kRNFp7JTxD2VN5TPL6CAT8GgmQJcjJr2K0R_eyeofHYwcFPmZ2fpbu6j0pwg6HwbEKIxUq6gDuTAyKaIQkfC5vap3Gzd0uHpbnZZ2S6eI0n5g1lKWs6LVhbOly9YlI4CTzz1Z96diSoiLK29fJG42E4lpjhiE7iqh-n9Or7Uc_ztyDmqbgeuhA-Ld78DMvq5d4RytrfTChJbNYdmkRcM8SY8h__9bXg6vx2vH5tm6Fuv0s8d8aIGJxPW6qZKndnkHuIiXBO4heqp79h7gNGXWz2uE1tZ4VN-TCJ1oUSwbqXDF-Mdhj9AXPymq5-qTvZcRsXhQMFhHdKiNH0OzPaLyAkJLGsk0JmMC6r04sfEoBMS6ezP5okGgJKwg2Ms2BBG6X2tGOwW5vJlSZ0bbvGfRiyQYTVIt6f8SB5gEKY7P9r9i6HqRfZDzfiqS9FSiFvD1nktYSPGzi0bqMqrzLpaMFfdiwqw1UMRFFq3I12H_b51GQeuAAL6GJPvTC7dlYqUmayo_QorYN-Bo5DHruCy4xNjIYvswA-mai1gxyheuViKSqp-LlCRgKMHqse_rTdIdiQUSJnY9CABNr7yRARpyXnfYFhZwupnW77ooh0Nkf2qBbLauHoMVaEbI-rFbs2IcnomYIkGQg65OkJIg7PGdcZ39GFYV4R3cqu_TrtczHSqNsu_4KrE8QYx2UVzrVZjYVrLVNBKJf1cI5zVTSPKjrSLaNmhd7mNURMk0bt41WsipqAPmw6DVbSuB8HEvvuWCGIRdr-XJ0b5TdndEu7N49fOZFxYZyclPGB1KBQI9N00974Wp2XeOVBk2kMvfIRLlQ

Requested by

Host: 9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
URL: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7C78 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 08:38:07 GMT
expires: Wed, 20 Apr 2022 08:38:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2142
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1AB7 783 B
815 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74969208f44bc56bd878ac33d193c26a990c5560575f7ff8eea8fb75ba5f9b45

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MjY5cxHsyFuebeskRk5Ytw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

expires: Tue, 20 Apr 2021 09:13:49 GMT
date: Tue, 20 Apr 2021 09:13:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MjY5cxHsyFuebeskRk5Ytw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 action.json Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/js/ Frame 238B 2 B
454 B 410ms
406ms XHR
application/json 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/js/action.json?ac=IMPRESSION&fp=&a=%7B%7D&ts=1618910029556&tba=0&et=0&furl=https%3A%2F%2Fv.traileraddict.com%2Fvidtest.php&dd=0&vi=false&vd=0&sid=7ea10b18-5323-4547-a4ee-11b1ce0f0d75&cb=1618910029556&hr=https%3A%2F%2Fwww.koaa.com%2F&hn=www.koaa.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:50 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: j2uSXU8ringFZG57trx68vlWkx8fA-djNOVY0Ncxq7eyOMf_Q1jjFA==

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 238B 173 B
380 B 27ms
9ms XHR
application/json 35.158.19.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.19.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d1de5bc59f340108aefde96cdcb6dc4d268322cd07b55ed556ccbab195d87207

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 238B 152 B
786 B 319ms
27ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d%7C4dab0c78b72fb8%22%3A%22%22%7D&ref=https%3A%2F%2Fwww.koaa.com%2F&s=c80496e8-60f6-415f-b5ab-c6f57d3ce7a0&pv=eb8539e3-1b6c-4ec6-adcc-1298d6c715fe&vp=tablet&lib_name=prebid&lib_v=3.10.0&us=999&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

737a225da6d4325c77d5a746d9c6221723e69ca32a5c5782bba666f74f5cef77

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:49 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.koaa.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 177
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST 284289
search.spotxchange.com/openrtb/2.3/dados/ Frame 238B 0
0

POST openrtb
ads.adaptv.advertising.com/rtb/ Frame 238B 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 238B 138 B
985 B 11ms
11ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f454d26f3259b2d12bce887d018bfc8f42b209437c2fe1cd6b489221c2f3675e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:49 GMT
X-Proxy-Origin: 141.98.102.148; 141.98.102.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid: 58e98690-1dab-4586-b51c-20c3367b3bcd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.koaa.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST /
hb.emxdgt.com/ Frame 238B 0
0

GET
H2 200 tag Show response
vtrdn-wjdav.ads.tremorhub.com/ad/ Frame 238B 55 B
499 B 383ms
195ms XHR
application/json 2600:1f18:612b:4232:d8ff:eb32:9f2d:cd3f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrdn-wjdav.ads.tremorhub.com/ad/tag?adCode=vtrdn-3yglg&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.koaa.com%2F&supplyCode=vtrdn-wjdav&schain=1.0,1!consumable.com,2000248,,,,&transactionId=c812a247-3483-4e0e-9be5-f43d9ad7b7f3&referrer=https%3A%2F%2Fwww.koaa.com%2F&hb=1&fmt=json
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:d8ff:eb32:9f2d:cd3f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: c3489e2ab634b6168cddcf63d45ae80f3ddb461149356349dff0901a8cc0d003

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.koaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 238B 0
114 B 377ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.koaa.com
date: Tue, 20 Apr 2021 09:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 avjp Show response
gift-connect-d.openx.net/v/1.0/ Frame 238B 106 B
353 B 73ms
73ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.koaa.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=c812a247-3483-4e0e-9be5-f43d9ad7b7f3&nocache=1618910029581&schain=1.0%2C1!consumable.com%2C2000248%2C1%2C%2C%2C&auid=541033538&vwd=640&vht=480&
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
via: 1.1 google
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.koaa.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET cygnus
as-sec.casalemedia.com/ Frame 238B 0
0

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C78 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 82838
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 10:13:11 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 238B 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c47ff4085e63e5d87a7fa426d2966f242c0b79b772675e3f8a5dcf2c9a5f73a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6552
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 118F 0
0 18ms
18ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ5xH4psPr9G-4G9KNNGhWswTbZ-myn1cNRmdmcQz4BBd6eBRjVJE3bqCUsadXPSQsIoCwqdtsJ-UzRb-h87uL271BA9N8gSfzryBN5GP9Rr33WNQs-H0XE_u4HflT3r-QLy0zZTS-UrMcF-DMORQRV_7qeh1o-ESbAWT9uQJQv_CpCsjZItiygGfVA2Db4Me5HqIuJhrP5rDn3ArByNY2PPId_XHht41tR41YklG98ADAd_9wTbHT93hGEns6ovv8y55oO7lKSL114cK3w92zBkL9lrP6fGtXGFBH2pdTqSKLvuJwAVQ&sai=AMfl-YRT4MIIWW9OMhuaiTQ3D16Z1fs5okiLWeOxQl-IPvY1ZE0Tomb4xyxN9BywQD-8qG_971XtYdJMGIslMQzw2gUiSIVVLgb-IzpBkDeLeAQm7y94LUsp3QH0d3qOw0pc&sig=Cg0ArKJSzIFcAvAstnobEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 238B 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame ACA0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 08:38:07 GMT
expires: Wed, 20 Apr 2022 08:38:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2142
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 4DB4 0
418 B 61ms
14ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:49 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame ACA0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 82838
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 10:13:11 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B954 0
0 18ms
18ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkfXCPmreiV6hRKis_Lte3kem3NlILmnrZjIgNu1vwOeklIy-JslGiJy8Uxvr_CEXosKSTLryvoMyKVjytvVojGpwyznJ_jHnCJAZ_ELZHgOoBTeq89UXH2d72D2TB1XRtEHao8uNz-5CYLkZhav9wSAjJecbfQkoibV9h7j4CRzf2xF9TS7xGPRmNW2fQVHlin6sZNxNOJXxfv2ICdhtq28aK7Qy8T2Ze2vkPbDPUGomyPaM4B_dtoQtFnKdkY8MEwvVjJyfwokd6IPi-b7vggH5wC5NTtbXOmW7j0LuwKbZdn3KV1CJ4KlaYdWZwD50QS_AFfGb5sgJRHaKZ4uTxabMEhMRp9vc&sig=Cg0ArKJSzB7E-RjrFdoNEAE&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame B954 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:11:23 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B954 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:12:43 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B954 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B954 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTgdgOXr7QjZCGiWqPwZowIM2BrFwGKLCSyzJvGXniuZypn96zIkc6Xcr2LPizd9njFutSxS2TzYMpPkXcWySFlIUj_A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5305678281706130699
tpc.googlesyndication.com/simgad/ Frame B954 49 KB
49 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5305678281706130699

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9640b4008edd77014c3d31defa43f80015daf003dd0db7e80d4df387b846505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:05:14 GMT
x-content-type-options: nosniff
age: 457715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49847
x-xss-protection: 0
last-modified: Tue, 20 Nov 2018 18:27:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:05:14 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA25 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B954 0
0 17ms
16ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssApK-xdatBPdkKh2nRSCDj88kAtWTvk2NRQ5TgFMj3tBliE4Js57QkdNY7UxXD9JRmMB8WZIAy3wa5-US7iXpYXiUwWT8-ccv-UPLS8wyFvBbJIaVgiw6e5EhcaRyouyh0T-kRDbELqqRf4gCHHocPeYvSqsY7HAl_sWC3shtlIiemAE_UlOpZLwJ6aqSmWPLm5DPty26z_NQIDvTyWS0Tleu_6ie2cZl2-S0SDWjhlfPWw5k2oczD8PwyemPiEOHBAqnhI3LB_P1zUgMyLIr3_R-xWi1DcHDx5A1Cs4A8VVHpskNv4ufdYXT_uGRJ4GOnXjqgsA-xToE7SUqVwYFL9HNu3uM7NC1T9w&sig=Cg0ArKJSzOMpObNdebLnEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Apr 2021 09:13:49 GMT

GET
DATA 200
OK truncated
/ Frame B954 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a239f6ad26a7a681f430311ea92b5ac7bab6a0df90ab13e3071ed342132ebece

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA25 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=3005053849618455&bg=!t7SltPDNAAZUuIlwVLg7ACkAdvg8Wl5F4-PAWrHB9KiqRRcenaOTw5X36ihHzabEicXs9mW6pN_jYwIAAAEFUgAAABpoAQcKAPO8hWrOjnlTsfUxn_JOAbewHIvZ5HNtit74yWl2g4taI5LTiksCy3RM6QyaYqsGUkngEnGQBdono5aKJEeQgzC4AVDZI-TLzUBSprkECevvhchpNbesi2ldSDnVhj9iICcQK1LEM7q1S3Vt2m2gU5cMOGoObFokwLK8pzxhYDy44x4mVJuv9TDretAhne3Psafzf225VXiX0whsiJ7oECrmkYXm3yPwUn6ljoPF4uChnyPlfJf4KlHuT2GNwsxhpHwKnOZYU26v-ghJU_u3om8TXe1ehS1-gR1ugIdzJ79W8cggZo1TubLSr5hisHkcn7cfQ92ZAi_dXMEAlsGCXB8NTfLWPSna2d2ZjR6jLU66sAPjwrcQyFvq6Bvumzkpft-xWjAoM4sozqjHSutX7sb1JWoOEddFojQ_bJTdb8M-Q_QGYK7QQ8bANZXD96dBPyFsI9l1MqVm943lC310qMCOX_jffyLA42UHt6Ghy2LIMtY1IFvEmCNrCCE6xbQrZ0ttybjeCj938_WQrsxa8MSATeoy8wxm6gOPhiLXs_kN72_SPdUQZtz3K5qXDmY0xUblRNT_ARc4SPGZFqn4TmYpZ0zlVTDSMRQN3ixEXODUYPW_fbNlgqZxHUW3MVgsunODu7n4zmjoy5LxL2JY55CeItDy0fvPg5xx5zhjEtIU81oKpte3RPakdXzdwfJ5Gh9oLAstIcB_Q1a0eaCFT6je9AfVyUX7NOsd-UAYWM3gWOMPyg86Md-1lsTJyRjswnQcr35VQkk-JeT-QgOO4f1iljGTRvub-KSqzdnIHlpl69KURMzEfvp7iDNT86Dvd3XO5AJxfGRNTkpnY1gEUI0VlNfsyOKVOA6GHtfQjAdvNg5Abkc0F63vZmPdUmlltp9qkx2YrSlYsM8qpBLdqAqekQLg-nQzACqSdc4zAQWDDiLjRga263_tSgJP4jdmEnV9xSapzUmQA6W_e7BsCf4gzrN0L3b72o_SeWYkco2SpInfQbvjIfBWlqimJDayqamMbiWwBzdXrhdV9Fs0q6R25iQYm8Qm9YK1UjXJOrKwSN2QBZBN

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 238B 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=3810694879637213&bg=!4OOl46fNAAZUuIlwVLg7ACkAdvg8WnjVBR7r1hsjsvqxkIk4GPkHsVBIKe2Gyjiou2iw_m-CAwfamgIAAAD2UgAAAA5oAQcKARR7LMJUcr7r7V8XRgf6oQVith8-pjyvssZO-ZGFz4hTzFYoB6xTyWb8JLbRpHVZCkBY3I3nku7kBZrfxGVS9YCbm6cCfC2VE5ZroMY90nEkKRE4H8FCMycgpktZnVGEr04MmcqCdur7M0LjCSHLV_1HdOpMrDQFuPOcQFzNwAklEbi_v8Qm0C7wGYNV6opn1BG1eRxVxmayQ5p2FiA3ro9i3AUfuEQDTmHLG7Nmlx8qbOfLSCpU_pTHh5ursX4wmnwl3Xv2QDK0_jTjZRsKa6GT9yy-0H7xGSnm6q70F6Q0gR6rcW9zb2PRjdnZoDx4RhyWH6y2LGBBw3AMH9OufL6CZCWEeqanCVLso_dVv67be4NIc_6ZAf71u-I57e7xZ2QgkuQTiYwUy9fnYbfMUEiPqv40v_0bAu7jargOMOnTa-ej6X6Ew9OLK3j1ZHl2-mvNQ-DpSC3GJXC3mRs0gZ2R0g_k8Ki5ukJAsCcoWlczFgJ4XDa8ttd2u6He3HD2GC5Cs_HjVgMUPMLP_qX-ULpYXM32b-R9QyVBrH2QwWt1BVFI_sZMknzz_iInFu8Pk2Gcp-nC0oeNDhuHnPQQrumGCxessXpcf0k1McA3r4swQpde8NM-BKAWD2qGw6daeHYGZTbnuqSZezy_5EiKhGDK8E8NSgPZByfWLr5D5pvjpNwbHmwP0x5GhyXFv6e6p66mAkQqeNhwfDI86WaRjuhh5mJekD8YTBbwS66ayJxOKXxBUkFpbYbJVMDOIUVbTKihH4VDMbzh0Pf1IWq2VZqTcGAmwiXsktRPZdsc-6GT-p1hy-8o3FZaDmfwZ1Odcbuxl3v4zJkpUIJtzFNWwTJVDXqkYWl7_0EIL_WpmxXtBqKm_D5tmXM68oELL0fMgs2a6HFd98iNA3k5RCyODtAvRul3It60ibZpCb5I9s0gSZcyXsCFUziKTt1OBsYPdjh0rIKXGYKxvBB5Om1U-Mt9bnRcxlvApV6iPhn_jj-8fUH8D6E3CYyCUwdw8ZMID3SM3C2v_i2dx3lNJkRp9Pn52r6i-YI

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET v1
prebid.digitru.st/id/ Frame DA25 0
0

POST
H/1.1 200
OK event.png
tps20234.doubleverify.com/ Frame F756 67 B
492 B 25ms
9ms Ping
image/png 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20234.doubleverify.com/event.png?impid=da8f0166f8ab46688c852905eab903d1&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=39&eoid=5&msrjs=1165&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1618910031117941
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:50 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/19/2021 9:13:51 AM

GET v1
prebid.digitru.st/id/ Frame 238B 0
0

GET
H2 200 vidtest.php Show response
v.traileraddict.com/ Frame 238B 4 KB
1 KB 355ms
338ms XHR
application/json 2606:4700:20::681a:336
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v.traileraddict.com/vidtest.php
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:336 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: 7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: PHP/5.6.31
access-control-allow-methods: GET, PUT, POST, OPTIONS
cf-request-id: 099027c6e300004e56a82db000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1800
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W4i9V6uMM3LgVU636%2FQwJn56lCCLd0V3vIcsKlEOMrxdY8vGPD8x%2FLoMti2EbGfz%2BXqGlNcEC0SG8jnFlMbxymt3Z29UeaiiLJUVKNMYvWLqhiQEp4W37qhRe7TqipYF"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 642d4251687f4e56-FRA
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 chevron-left.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 238B 509 B
828 B 24ms
23ms Image
image/svg+xml 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-left.svg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:02 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "06debc4a8c892312c85a5868e3f1683d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 509
x-amz-cf-id: 3uquY2N3VvH_Q3wT0ELLSjgcCY6ooBJpe6EpIn2elWnrN-b-FuS9IA==

GET
H2 200 chevron-right.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 238B 516 B
835 B 24ms
23ms Image
image/svg+xml 13.224.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-right.svg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-90.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "f25ffe73c2ef159c89576cd693340ac5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 516
x-amz-cf-id: mSmDdO4ccOw3U1hROzXF1EoBYo0eV3jy7C3pT5gnz-2eWmu32muwoA==

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 238B 14 KB
15 KB 32ms
15ms Image
image/webp 2606:4700:20::681a:236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 479884
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 099027c89c00004ed9cb9ef000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tKGV%2FZHJmf9JSnKXpUDJB99ycDbdXnYsGOXJL9KR4JHpWqltPTpsmBZh%2B7twZhVWpsJuu0jXisnAeJN80kaaGmyYUW0OsBNiR5cX8AIV9qApse3O2Mzm7NDvbPu1yIEqkGo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
expires: Fri, 14 May 2021 19:49:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 642d42542d864ed9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 17750.json Show response
services.brid.tv/services/get/config/ Frame 238B 7 KB
3 KB 460ms
182ms XHR
application/json 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/get/config/17750.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 727823e6ebd1c140c38e1c1d201ee0d37bf9dc549661986eb712e01d657283ba

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: ZRH50-C1
x-cache-status: EXPIRED
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache: Miss from cloudfront
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: t0IlVY53Rny1xbICc3SE5atKpuR8LNxmhERc-To5AL1QOnzfIzLVew==
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
x-served-by: i-06f46ae3ef5e2b314

POST
H/1.1 200
OK event.png
tps20234.doubleverify.com/ Frame F756 67 B
492 B 8ms
7ms Ping
image/png 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20234.doubleverify.com/event.png?impid=da8f0166f8ab46688c852905eab903d1&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=7&ismms=71&isumms=70&isvelg=1&nvr=6&isbxdms=2272&b0=100&b11=2336&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2436&sftb=2436&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=975&isuiabvms=975&ispmxpms=975&engalms=69&dvp_dpr=1&cbust=1618910032116637
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/19/2021 9:13:52 AM

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 238B 14 KB
14 KB 15ms
15ms Image
image/webp 2606:4700:20::681a:236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 479884
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 099027c91300004ed9c092b000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U5D6frJ8qRSOUZbuTrO4Kklnl%2FPfNGHv%2Fb38%2B9w01wesjZri8rwTjk5VR3jfkFmIsQ1nr3k2VS7B1qxlyXKL6MsfHBSfGIe%2BwM1hoG5I%2BAemeT1JxUnpM9Ab7G0TdJ%2Fx%2F78%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
expires: Fri, 14 May 2021 19:49:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 642d4254eedd4ed9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 238B 14 KB
14 KB 12ms
12ms Image
image/webp 2606:4700:20::681a:236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 479884
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 099027c97800004ed9c6aa8000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kIbD16guKyHdPI%2FrJCitw2Xpok5KSMOJ6QPXVydVqq85nIM4BROmLqlsr68pz4eoU20TEUe8JuY11evnt5MBpbAab0xNjnU0j1X22Lcq5K6LjrVF5%2F%2FjoG04phMdfjXI49w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
expires: Fri, 14 May 2021 19:49:34 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 642d425588024ed9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 8E3D
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

13ms
12ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Date: Tue, 20 Apr 2021 09:13:52 GMT
Connection: Keep-Alive
Cache-Control: max-age=23146
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
ETag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx0000000000000000118ed-00607da43a-4d842b1-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Age: 0
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1618910027.dop224.fr8.t,1618910027.cds221.fr8.shn,1618910032.dop224.fr8.t,1618910032.cds018.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2 200 log.gif
includemodal.com/static/ Frame 118F 42 B
199 B 110ms
110ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=eef9ba81-dc1e-460b-b62b-5e5503cfdf38&url=https://sync.serverbid.com/ss/2000248.html%3F&o=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2 200 brid.hls.min.js Show response
p.brid.tv/player/build/plugins/hls/1.0.13/ Frame 238B 250 KB
75 KB 19ms
13ms Script
application/javascript 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 326d77891415f82cdfafe9b74ede6ba52b2a3f2c33efd26ee18a7ce9053f31c7

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 15:32:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 10:40:06 GMT
server: AmazonS3
age: 63694
etag: W/"d093466a4034ca23d62ed5575bab2d21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: IowLpDfQaPlwkYu8WvZo6hQAeqJF-nZG1v1ydwaFzNolSxfxJ7_tPA==

GET
H2 200 consumable.css
c.brid.tv/live/partners/style/ Frame 238B 10 KB
2 KB 14ms
13ms Stylesheet
text/css 13.224.102.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.brid.tv/live/partners/style/consumable.css
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-57.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 06:31:05 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 07:55:48 GMT
server: AmazonS3
age: 10636968
etag: "b4c80903a0a8c1ef4957058a948f9f2f"
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
content-length: 1952
x-amz-cf-id: C7kxhy9hJopbYCwtANqH5PLLVOnT8xQpI-zBMUmkIoUdhunVa_U6jA==

GET
H2 200 log.gif
includemodal.com/static/ Frame 118F 42 B
199 B 110ms
110ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=1&token=eef9ba81-dc1e-460b-b62b-5e5503cfdf38&url=https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js%3F&o=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2 200 log.gif
includemodal.com/static/ Frame 118F 42 B
199 B 110ms
110ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=eef9ba81-dc1e-460b-b62b-5e5503cfdf38&url=https://c.brid.tv/live/partners/style/consumable.css%3F&o=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H3-29 200 css
fonts.googleapis.com/ Frame 238B 708 B
366 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: c.brid.tv
URL: https://c.brid.tv/live/partners/style/consumable.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://c.brid.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:11:24 GMT
server: ESF
date: Tue, 20 Apr 2021 09:13:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 09:13:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 238B 334 KB
115 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117037
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:52 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 238B 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.koaa.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 457850
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET ping.gif
stats-dev.brid.tv/ Frame 238B 0
0

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.55/ Frame 238B 81 KB
23 KB 52ms
12ms Script
application/javascript 13.224.102.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.55/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-63.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7229b2a53e66eda3fb318b555fc6d3c244e5219db8f705287989010f7e836f8

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:52:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 09:08:56 GMT
server: AmazonS3
age: 66086
etag: W/"234a13c82e0b7980eebf391cface1b48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TQMocBtKwQPROprw34rKBtEgoWsVwoOEIwv58xQxsj4x_6oMtLJftw==

GET
H3-29 200 bridge3.452.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3932 573 KB
187 KB 34ms
16ms Document
text/html 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1314465e7736d414ff6f92885818c878f0716ef30c1a1f0046e35535f9f730ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.452.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191779
date: Sun, 18 Apr 2021 14:13:14 GMT
expires: Mon, 18 Apr 2022 14:13:14 GMT
last-modified: Thu, 15 Apr 2021 20:25:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 154838
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 238B 44 KB
17 KB 247ms
15ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 238B 107 B
799 B 201ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 238B 107 B
553 B 199ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.koaa.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 log.gif
includemodal.com/static/ Frame 118F 42 B
200 B 326ms
108ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=eef9ba81-dc1e-460b-b62b-5e5503cfdf38&url=https://adservice.google.de/adsid/integrator.js%3Fdomain%3Dwww.koaa.com&o=https://www.koaa.com/
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8E3D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9094176334211540787

0
44 B

170ms
91ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9094176334211540787
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid: 7b627677-496e-4470-8c55-f595af911034
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9094176334211540787
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8E3D
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8

0
44 B

88ms
88ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-length: 0

Redirect headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPb9ef63fb-a1b8-11eb-9925-06d29999c9f8
Connection: keep-alive
Content-Length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8E3D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bUVjkjSWNyLMZ7IQg6wAA%261216

0
44 B

88ms
88ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bUVjkjSWNyLMZ7IQg6wAA%261216
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YH6bUVjkjSWNyLMZ7IQg6wAA%261216
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Tue, 20 Apr 2021 09:13:53 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 71FC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

25ms
8ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Apr 2021 09:13:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Tue, 20 Apr 2021 09:13:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 117A 8 KB
3 KB 26ms
8ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=125840
Expires: Wed, 21 Apr 2021 20:11:13 GMT
Date: Tue, 20 Apr 2021 09:13:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 62FF 995 B
1 KB 34ms
6ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 20 Apr 2021 09:13:53 GMT
Age: 30167370
X-Served-By: cache-lga21943-LGA, cache-hhn4083-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 503850, 1968904
X-Timer: S1618910033.069008,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8E3D
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D&ox_sc=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2db1a505-f77c-4f54-ad5c-25d49ca6fac2

0
44 B

144ms
91ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2db1a505-f77c-4f54-ad5c-25d49ca6fac2
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2db1a505-f77c-4f54-ad5c-25d49ca6fac2
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ncadgbhdre4nrb7b4qqstkfujg7dhlgc

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 8E3D
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=bc7fc06725adf8310c7c1897

0
44 B

88ms
88ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=bc7fc06725adf8310c7c1897
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-length: 0

Redirect headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=bc7fc06725adf8310c7c1897
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 8E3D 0
474 B 44ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame 8E3D 0
44 B 271ms
90ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.7959722044161492%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:52 GMT
content-length: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 00DC 36 KB
13 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 20 Apr 2021 10:01:07 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 42F0 38 KB
14 KB 7ms
6ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103448
Expires: Wed, 21 Apr 2021 13:58:01 GMT
Date: Tue, 20 Apr 2021 09:13:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 71FC 31 KB
9 KB 15ms
10ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 20:37:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31402
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9236
Expires: Tue, 20 Apr 2021 17:57:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 22ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=7434&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=5198&an=1147&gi=1&gf=5198&gg=1147&ix=5198&ic=5198&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5198&bx=1147&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5013&cd=952&ah=5013&am=952&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=2010599302&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:53 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 62FF 0
744 B 18ms
5ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid: 972bb15a-c9e2-4546-bbdd-285d4cd897a7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 71FC 284 B
536 B 29ms
8ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 42F0 8 KB
9 KB 36ms
12ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 452f5d064161c6c40ed62e24fcf6b4333f3031f84e66515e5eaee99554cd185c

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECS8ZNfYpdLMgougBqhAtXw&google_cver=1

42 B
855 B

22ms
20ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECS8ZNfYpdLMgougBqhAtXw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:52 GMT
X-lat: amspug007:0:395
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECS8ZNfYpdLMgougBqhAtXw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D6E8 43 B
304 B 70ms
23ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 20 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1006
date: Tue, 20 Apr 2021 09:13:53 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3216024874481726658

42 B
801 B

25ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3216024874481726658
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug002:0:918
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3216024874481726658
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&gdpr=0&gdpr_consent=

42 B
946 B

50ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug018:0:499
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 20 Apr 2021 09:13:22 GMT
Server: MT3 3660 495c301 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 09:13:21 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 6F9E
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4812760320819240441

42 B
769 B

54ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4812760320819240441
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=22E346B5-7ED3-4939-B290-170E728F06B5; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63; KRTBCOOKIE_409=22966-bIeiiNaRbmamriWcdxKkWrCJ; PUBMDCID=3; KRTBCOOKIE_57=22776-9094176334211540787; KRTBCOOKIE_153=1923-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&19420-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&22979-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc; KRTBCOOKIE_1101=23040-6953165646913140885; PugT=1618910033
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:52 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-4812760320819240441; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:52 GMT; path=/ PugT=1618910032; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:52 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:52 GMT; path=/
X-lat: amspug005:0:378
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4812760320819240441
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9094176334211540787&gdpr=0&gdpr_consent=

42 B
769 B

56ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9094176334211540787&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:51 GMT
X-lat: amspug019:0:415
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.254:80
AN-X-Request-Uuid: b1cedbfa-799b-4e05-a9d4-369490b4c574
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9094176334211540787&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc

42 B
894 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:51 GMT
X-lat: amspug017:0:591
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame CE9A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953165646913140885

42 B
771 B

71ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953165646913140885
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=22E346B5-7ED3-4939-B290-170E728F06B5; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6953165646913140885; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:53 GMT; path=/ PugT=1618910033; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:53 GMT; path=/
X-lat: lhrpug008:0:502
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6953165646913140885; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953165646913140885

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame FDEF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGVlVrN0FfVGNBQUNwN3BCOTliZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

29ms
28ms

Document
image/gif

52.49.202.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.202.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAFVUk7A_TcAACp7pB99bg; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 20 Apr 2021 09:13:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 20 Apr 2021 09:13:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b1795684-c1bd-405c-9f01-e753f7bbc748&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

59ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b1795684-c1bd-405c-9f01-e753f7bbc748&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug003:0:616
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b1795684-c1bd-405c-9f01-e753f7bbc748&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
761 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:52 GMT
X-lat: amspug006:0:2565
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:52 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 38AF
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bIeiiNaRbmamriWcdxKkWrCJ

42 B
775 B

27ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bIeiiNaRbmamriWcdxKkWrCJ
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=22E346B5-7ED3-4939-B290-170E728F06B5; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-bIeiiNaRbmamriWcdxKkWrCJ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:53 GMT; path=/ PugT=1618910033; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 09:13:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:53 GMT; path=/
X-lat: amspug008:0:433
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Tue, 20 Apr 2021 09:13:53 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=bIeiiNaRbmamriWcdxKkWrCJ; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bIeiiNaRbmamriWcdxKkWrCJ
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9094176334211540787

42 B
505 B

27ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9094176334211540787
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug014:0:332
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 09:13:53 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.109:80
AN-X-Request-Uuid: 0eca2903-ccd5-4ed3-a13b-b9b3c41d1be7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9094176334211540787
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 1409 43 B
408 B 43ms
13ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 5D19 42 B
1 KB 42ms
14ms Document
image/gif 2606:4700:3039::6815:c035
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=dcb7756e16f7f901801a249fa8c2458c11618910033; expires=Thu, 20-May-21 09:13:53 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7rdk
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 099027ce4700004a6e7b331000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d425d38034a6e-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C487
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
443 B

178ms
177ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aynoeURwEfUS2QVqs97wElSa2QSpaY7VN4ZaamZaWZb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=dea6494fdfcb484fea3eabf1f75e4fc9e1618910033; expires=Thu, 20-May-21 09:13:53 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aBnseFqZbaOE6iPq6fHjh0kNH3SmUM0Pd2aVVFEnqAn3CnyyTjg5yNg0waUMmVMZd6wfbyjuTMe4WWnjjIqrZcG; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:53 GMT; SameSite=None; Secure; ANON_ID_old=aBnseFqZbaOE6iPq6fHjh0kNH3SmUM0Pd2aVVFEnqAn3CnyyTjg5yNg0waUMmVMZd6wfbyjuTMe4WWnjjIqrZcG; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:53 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 099027cf030000d6b521ae2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d425e6c84d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-type: text/html
set-cookie: __cfduid=dea6494fdfcb484fea3eabf1f75e4fc9e1618910033; expires=Thu, 20-May-21 09:13:53 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aynoeURwEfUS2QVqs97wElSa2QSpaY7VN4ZaamZaWZb; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:53 GMT; SameSite=None; Secure; ANON_ID_old=aynoeURwEfUS2QVqs97wElSa2QSpaY7VN4ZaamZaWZb; path=/; domain=.tribalfusion.com; expires=Mon, 19-Jul-2021 09:13:53 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 297
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 099027ce4b0000d6b5052dd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 642d425d4aa0d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8B51
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=gu5yissOqMuP&pid=557219

1 B
463 B

25ms
24ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=gu5yissOqMuP&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=22E346B5-7ED3-4939-B290-170E728F06B5; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63; KRTBCOOKIE_409=22966-bIeiiNaRbmamriWcdxKkWrCJ; PUBMDCID=3; KRTBCOOKIE_57=22776-9094176334211540787; KRTBCOOKIE_153=1923-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&19420-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&22979-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc; KRTBCOOKIE_1101=23040-6953165646913140885; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&16736-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23019-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23114-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0; KRTBCOOKIE_80=16514-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&22987-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&23025-CAESECS8ZNfYpdLMgougBqhAtXw; KRTBCOOKIE_336=5844-4812760320819240441; KRTBCOOKIE_1074=22956-e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe; PugT=1618910033; KRTBCOOKIE_391=22924-3216024874481726658&KRTB&23263-3216024874481726658; KRTBCOOKIE_22=14911-2881232158985878467
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 09:13:53 GMT; path=/
X-lat: lhrpug011:0:449
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-mtfsm
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=gu5yissOqMuP&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=3a1c0e8acd2b8520; path=/; HttpOnly; Secure; SameSite=None

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe

42 B
790 B

68ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug015:0:599
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe
date: Tue, 20 Apr 2021 09:13:53 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 112F 0
44 B 351ms
137ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Tue, 20 Apr 2021 09:13:52 GMT
server: a

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 095C
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

19ms
16ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13296129&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 20 Apr 2021 09:13:53 GMT
via: 1.1 varnish
x-served-by: cache-fra19138-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1618910034.621861,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 20-Apr-2022 09:13:53 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 20 Apr 2021 09:13:53 GMT
via: 1.1 varnish
x-served-by: cache-fra19138-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1618910033.491381,VS0,VE80
x-vcl-time-ms: 80
content-length: 0

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 6DBD
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

15ms
14ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1618910033575; TapAd_DID=ba401b74-a1b8-11eb-bbbb-66bd867ef1ea
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Tue, 20 Apr 2021 09:13:53 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1618910033575;Expires=Sat, 19 Jun 2021 09:13:53 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=ba401b74-a1b8-11eb-bbbb-66bd867ef1ea;Expires=Sat, 19 Jun 2021 09:13:53 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 3CC4 0
44 B 95ms
85ms Document
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=22E346B5-7ED3-4939-B290-170E728F06B5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=22E346B5-7ED3-4939-B290-170E728F06B5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Tue, 20 Apr 2021 09:13:53 GMT

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 42F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IuNGtX7TSTmykBcOco8GtQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IuNGtX7TSTmykBcOco8GtQ%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

20ms
18ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=125840
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 21 Apr 2021 20:11:13 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 42F0 95 B
595 B 68ms
46ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=22E346B5-7ED3-4939-B290-170E728F06B5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 642d425d4c114e98-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 099027ce5100004e98481bd000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 42F0
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

28ms
27ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:52 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:52 GMT
frontend-id: 0
location: /pubmatic/1/info2?sType=sync&sExtCookieId=22E346B5-7ED3-4939-B290-170E728F06B5&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22E346B5-7ED3-4939-B290-170E728F06B5&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22E346B5-7ED3-4939-B290-170E728F06B5&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22E346B5-7ED3-4939-B290-170E728F06B5&addseg=19,36,42

7 B
147 B

56ms
14ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22E346B5-7ED3-4939-B290-170E728F06B5&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 20 Apr 2021 09:13:53 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22E346B5-7ED3-4939-B290-170E728F06B5&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJFMzQ2QjUtN0VEMy00OTM5LUIyOTAtMTcwRTcyOEYwNkI1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJFMzQ2QjUtN0VEMy00OTM5LUIyOTAtMTcwRTcyOEYwNkI1&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

55ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:51 GMT
X-lat: amspug018:0:321
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 42F0 43 B
609 B 81ms
12ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 19 Apr 2021 09:13:53 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be92bea9-a5b8-4c39-84c8-6fce267e3a6c

42 B
882 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be92bea9-a5b8-4c39-84c8-6fce267e3a6c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug019:0:421
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be92bea9-a5b8-4c39-84c8-6fce267e3a6c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=6a580d9c-0b0b-4b67-b219-91e8ab667813&expires=1&user_group=5&ssp=pubmatic&bsw_param=a808d6e5-baa6-4e28-934f-1e59ac847241
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

25ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug008:0:469
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a808d6e5-baa6-4e28-934f-1e59ac847241&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 20 Apr 2021 09:13:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 22E346B5-7ED3-4939-B290-170E728F06B5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 42F0 43 B
917 B 102ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/22E346B5-7ED3-4939-B290-170E728F06B5?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22E346B5-7ED3-4939-B290-170E728F06B5&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dYIV0MxE2uUwsjbNZV2MvgEWUcaLRC8-~A&gdpr=0&gdpr_consent=

0
587 B

91ms
25ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dYIV0MxE2uUwsjbNZV2MvgEWUcaLRC8-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Tue, 20 Apr 2021 09:13:53 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dYIV0MxE2uUwsjbNZV2MvgEWUcaLRC8-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2881232158985878467&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

30ms
29ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2881232158985878467&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug008:0:867
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2881232158985878467&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 20 Apr 2021 09:13:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bUQAATF9iSQBg&gdpr=0&gdpr_consent=&_test=YH6bUQAATF9iSQBg

1 B
809 B

25ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bUQAATF9iSQBg&gdpr=0&gdpr_consent=&_test=YH6bUQAATF9iSQBg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:53 GMT
X-lat: lhrpug017:0:488
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1618910034.812576,VS0,VE0
x-served-by: cache-fra19133-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6bUQAATF9iSQBg&gdpr=0&gdpr_consent=&_test=YH6bUQAATF9iSQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 42F0 0
104 B 66ms
41ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=22E346B5-7ED3-4939-B290-170E728F06B5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3932 23 KB
5 KB 193ms
172ms XHR
text/xml 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=1344986393221975&sz=640x480&url=https%3A%2F%2Fwww.koaa.com%2F&description_url=https%3A%2F%2Fwww.koaa.com%2F&iu=%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=auto&vpmute=1&vconp=1&sdkv=h.3.452.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&mpt=brid-player&mpv=2.7.18&sdki=44d&adk=270625243&sdk_apis=2%2C7%2C8&sid=50D6BCEA-ED35-4F55-9A52-8D21415BA99F&eid=44739825&dt=1618910033524&cookie_enabled=1&scor=2176851258087877&ged=ve4_td5_tt0_pd5_la5000_er1305.420.1455.720_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4ed326ec790ba40d677bde8996ef16856aa31caa4f04acf688b2bbc6b678fa81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4119
x-xss-protection: 0
google-lineitem-id: 5670219110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346684145
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=7686&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=5452&an=5198&gi=1&gf=5452&gg=5198&ix=5452&ic=5452&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5452&bx=5198&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5232&cd=5013&ah=5232&am=5013&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=1978207702&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&pxm=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EWSCRIPPSDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&ii=4&cm=11&f=0&j=&t=1618910027833&de=525496044182&cu=1618910027833&m=5985&ar=e4967b0-clean&iw=fb159f6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11641&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A452%3A452%3A0%3A424&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5115&cd=218&ah=5115&am=218&rf=0&re=0&wb=1&cl=0&at=0&d=4753959316%3A2845107808%3A5672689199%3A138347130523&bo=21815357024&bd=21817428238&gw=ewscrippsdfp76939516016&zMoatPS=above%201&zMoatPT=landing%20false&zMoatJS=3%3A-&zMoatMMV=60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=safe&zMoatMMV_MAX=60&zMoatMGV_MAX=50&dfpSlotId=MAD_RIGHT_RAIL&zMoatCURL=koaa.com&zMoatDev=Desktop&zMoatDfpSlotId=MAD_RIGHT_RAIL&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&tz=MAD_RIGHT_RAIL&iq=60&tt=50&tu=1&tp=safe&tc=0&fs=189983&na=1280051402&cs=0
Requested by: Host: www.koaa.com
URL: https://www.koaa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:53 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3932 0
331 B 275ms
98ms Ping
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knpt8ge3&c=6255873668983&slotId=3127936834491.5&qqid=CMnM5eu9jPACFeH7dwodQCIHDA&gqid=UZt-YO2IIomSrATnhpSgBg&fb=ima-html5&sdkv=h.3.452.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=13&vhc=0&ghmsh_eids=44739825
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3932 0
23 B 18ms
17ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkdOTkKX6Rib2XrY7Vj74fyaa5o-qBptVa1_bjPjIQl8D7z7DJONOmGSON_hZwmpc8fhktMPfYbiXGC2mhtfZ6DtlSN6Kw7bYxxRGbNQzSW_Cp4vXpMI6FxqjoSMMKRaNePyxwUwEJwDhBnACmg9MahMxOUyeSDLp1cl7Oz9qR5uCn1oZ8eKWp5wt25tX3yS4wSCsJipLHMBb8umEU38l2pstsFhfG-d8KZRJWDAyQjd0Ei4ph0sdXbtUWNUGPslXN2Bxi-Yd-UHIq6s972BLwpQaZF3V6ya6cAKoHDBWsAcsm-DHSR780t2EWBa50M4DZKick3VZKPOCq7IhkEl3ttNiCFQ&sig=Cg0ArKJSzIL0pPls-oLuEAE&sdkv=h.3.452.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIoCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9QABgB&adurl=

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 238B 0
54 B 207ms
98ms Ping
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knpt8fvm&c=6255873668983&slotId=3127936834491.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

206

file.mp4
r3---sn-4g5ednse.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/acao,ctier,ex... Frame 238B
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/ip,ipbits,e...
https://r3---sn-4g5ednse.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/acao,...

3 MB
3 MB

15ms
6ms

Media
video/mp4

2a00:1450:4001:69::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednse.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3A03D51A57FB4E39A7657E838F5FB6F0B5F2FC7D.0E910AC6838EBED3B06650DB1203F20884BF7F91/key/cms1/cms_redirect/yes/mh/pi/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednse/ms/nvh/mt/1618909688/mv/u/mvi/3/pl/47/file/file.mp4

Requested by

Host: www.koaa.com
URL: https://www.koaa.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:69::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fe5dee2d67a785d1837040865f6c858283a36355a3a01ce1b5fb7fdbf370dfa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:53 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Apr 2021 01:21:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-2687649/2687650
client-protocol: quic
cache-control: private, max-age=21300
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2687650
expires: Tue, 20 Apr 2021 09:13:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:53 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednse.gvt1.com/videoplayback/id/9381a0861e923d48/itag/18/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1618931633/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3A03D51A57FB4E39A7657E838F5FB6F0B5F2FC7D.0E910AC6838EBED3B06650DB1203F20884BF7F91/key/cms1/cms_redirect/yes/mh/pi/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5ednse/ms/nvh/mt/1618909688/mv/u/mvi/3/pl/47/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 19ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f0d40ebbcf7ed3bce383c136f6f4820ebc6d5705c1eaff16780d5d470082b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6696
x-xss-protection: 0

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
540 B 38ms
17ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3932 0
23 B 16ms
15ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNBKsDzTQqchmWB25KhUy8IEvcCohwlbxsaI4L_a0tvyM_sXPNg7ZIsHvJcnUcUB7yrpQd3pM6zOIndDVMqzcaaDNFgPUeLAqCvQpDsJ9DDwj_JGKXN0CAbuydOLDkaMhq0p9OHS9bLCTI5jVSJS8IKguax0kEyK4GORNebVD0DtDEbhDixdZ2bYaK7_fEIBLw92WtKIqxt9W_uP_q1zW21W2Y8uqTiG5jzUK_C_AoSfVR6kThREix27AZByeoass8QjZ3wiPwgYfgwdFlUtTqqVj3aF94KJX3X4DNi2BbhQ2h682NGaQU0OqB6MCw2B1J16e1azX-LnlAjfMvzQxmmyQ&sig=Cg0ArKJSzGtr5kSRXXxLEAE&sdkv=h.3.452.0&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
108 B 21ms
18ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=vast_creativeview&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910034102%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
108 B 20ms
17ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=videoautoplayed&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910034102%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3932 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzd2WYTxlSkYxcSIoy-mUGItDKG1q4-5qfTtSJfSolsmLXhkWblpqvpMGCxJ_VjLEjrAxiilEKDW7jq6RUebI99vvPxHzCs6Yp78nxZYM&sig=Cg0ArKJSzAtNWtN88UmZEAE&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910034104%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618910033912&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
108 B 24ms
22ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=part2viewed&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910034107%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
108 B 21ms
19ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=admute&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D19%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D19%26pst%3D-1%26dur%3D30000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D19%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910034112%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 09:13:54 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 238B 0
346 B 37ms
12ms Image
image/gif 13.224.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=i&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-24.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 06:33:55 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 9600
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: uP1lpdWQNV26tukJOmylPgS8oefgSiP5NzEYbB1BJO26smkKx4Y-wA==

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F4AD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 08:38:07 GMT
expires: Wed, 20 Apr 2022 08:38:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2147
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame F4AD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 10:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 82843
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 10:13:11 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=2004683021777342&bg=!X1ylXBjNAAZUuIlwVLg7ACkAdvg8WsGEuEHgAj25JmjFTAzcQgLbBPfWltA7m9rtr1IdPM9z6TpnaAIAAAB1UgAAAA9oAQcKAad6ALFF2ssELnpRnJF2okPrgVBexbadGAt8716QGHAJL2HcZX48VnJVB3wmoa-yhtY8Wu9SpSQ5FONU-fTEt3iMEvTbtI5yPjI5LaW2SYazvT_XIEI54K5nf7Q2TcMAiuDBdOOiw8bIKS-3h90n7lZ_Ep4k7E92ZN6m8WXdIJfJvEf8Qskgipy77vkiWGpBO-8nzjwjXES3XoBNLfwVciiTItFW4JQNqXobTyyVY45zQqj2HBEwxLj9_O3tBtLZ_XUfJ1Nqci9W2EePQkNanr8hgtl_tqNFaKbwVJp8e-bVm9bXeFl38FBDVBWd2vPYLTB2qDDCl42bSCo6jZixL0gX9nEmBsDxuJq7b3-zg7d8H10x-WP0Mn0pmlV1gZcfua9C_I1zRCSWwYfTaAihDtcDvTwRqQhTcg-rks3dP7jb2BO2FzjrAx4HTni6LorkLvXd_IF8wHpqt6cDrG35N4yI2BnwhFTHrs7W-Yb3y8TQ31f0fPpzALqE4Mw6UAv7z45VGFJWmWiB9ubVQbxKGyNd4WK9dul1q0rQPgoCgvasued5zNJfQO-ZAdTVSfwmgXCyGuYJF-Sb4lHA4LTe3kufbLVQ8L_VVP5-cO4FG1yQN02fphI6oAZDV9koLFwgciZ1FzpLk8rJOhWyjIKEmp-Bmle9CVKQof_c8F-PApJjWT3FLthC1611daogdgmCPP_4c1jwkpLYFTMQ1cM9r4yRETL9gd2V26PZX30Rn3TI4XQnJumqogapuJ9Pi3aLAKGpC6Aheoy5KxaxuJ94hQg51dJDPeYMYhpf0ZvD8J2aevGKewgkuZSAE1r-nF_-4HNcp7yO2PB8NEY6DMwbcfslBhyuSgRpIWeYAXrhK6P3cgIyY6mMueesdbg1EgeqzSVWdDY9nc6mfLTa98H2Yp8lHnyC79H-pZSGlFQAo7gTUxOUMohw6UJvznhwTZJ2SAXdS5hoJKAulGaO_kgdrn1lZN0tCbxLMvtdCOCIViHxdiN75098RmPIvXw5afAk3NIiN2wdtcvF_oLFEdXIQ9gVAJl2ZAcSrXYG0qLKDqFrEQ7WDgdE6f_jXT6TbDxnguFLRp0Np6rp32MwwVc-_d3Nt6r6HCegaoKIOxauHcHa34jKJdFX-f4ITf44EST3NfFN95Uxkw9UJzixvI-dk03oydrlnQffPrzZJp38o9U

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 3932 0
17 B 191ms
99ms Ping
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knpt8gq3&c=6255873668983&slotId=3127936834491.5&qqid=CMnM5eu9jPACFeH7dwodQCIHDA&gqid=UZt-YO2IIomSrATnhpSgBg&fb=ima-html5&sdkv=h.3.452.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&gpm_i=13&gpm_c=12&gpm_a=9&smb=250&br=697&mt=video%2Fmp4&vs=640x360&webm=4&vp9=0&vamt=video%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl%2Capplication%2Fdash%2Bxml%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=18&vsrc=gfp_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E9CF 38 KB
14 KB 9ms
8ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=22E346B5-7ED3-4939-B290-170E728F06B5; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63; KRTBCOOKIE_409=22966-bIeiiNaRbmamriWcdxKkWrCJ; PUBMDCID=3; KRTBCOOKIE_57=22776-9094176334211540787; KRTBCOOKIE_153=1923-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&19420-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&22979-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc; KRTBCOOKIE_1101=23040-6953165646913140885; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_27=16735-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&16736-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23019-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23114-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0; KRTBCOOKIE_80=16514-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&22987-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&23025-CAESECS8ZNfYpdLMgougBqhAtXw; KRTBCOOKIE_336=5844-4812760320819240441; KRTBCOOKIE_1074=22956-e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe; PugT=1618910033; KRTBCOOKIE_391=22924-3216024874481726658&KRTB&23263-3216024874481726658; KRTBCOOKIE_22=14911-2881232158985878467; SPugT=1618910033; KRTBCOOKIE_466=16530-a808d6e5-baa6-4e28-934f-1e59ac847241; KRTBCOOKIE_377=6810-be92bea9-a5b8-4c39-84c8-6fce267e3a6c&KRTB&22918-be92bea9-a5b8-4c39-84c8-6fce267e3a6c&KRTB&23031-be92bea9-a5b8-4c39-84c8-6fce267e3a6c; KRTBCOOKIE_218=22978-YH6bUQAATF9iSQBg&KRTB&23194-YH6bUQAATF9iSQBg&KRTB&23209-YH6bUQAATF9iSQBg&KRTB&23244-YH6bUQAATF9iSQBg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=103447
Expires: Wed, 21 Apr 2021 13:58:01 GMT
Date: Tue, 20 Apr 2021 09:13:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 84D9 281 B
554 B 7ms
7ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Apr 2021 09:13:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 1BA2 668 B
816 B 32ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: b94bbf83e105e20a992cc0bc65be679f1301605719ed2649c77be563245838ae

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.koaa.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=c7c31593-e764-434a-9c06-2d2979da0bb2|1618910033
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=c7c31593-e764-434a-9c06-2d2979da0bb2|1618910033; Version=1; Expires=Wed, 20-Apr-2022 09:13:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618910034|gekin0vNiygu; Version=1; Expires=Wed, 05-May-2021 09:13:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 20 Apr 2021 09:13:54 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set check.html Show response
biddr.brealtime.com/ Frame 23F7 926 B
1 KB 58ms
23ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.koaa.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.koaa.com/

Response headers

Date: Tue, 20 Apr 2021 09:13:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd3662c3421d838dfbd3f529ecab021a51618910034; expires=Thu, 20-May-21 09:13:54 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: yha6/A2XjBvkC+MqmgT8b/fjoeWk6aro0Pxkd3OTcLbhqLrlmS0Jeqit1iNRrw/irIDovoAFby0=
x-amz-request-id: 3F71B386A6C1C568
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 267
Expires: Tue, 20 Apr 2021 09:14:54 GMT
Cache-Control: public, max-age=60
cf-request-id: 099027d2b90000fa281a949000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 642d42645b89fa28-AMS
Content-Encoding: gzip

GET
H2 200 log.gif
includemodal.com/static/ Frame 118F 42 B
199 B 106ms
106ms Image
image/gif 3.141.126.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=eef9ba81-dc1e-460b-b62b-5e5503cfdf38&url=https://biddr.brealtime.com/check.html%3F&o=https://www.koaa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:54 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 84D9 31 KB
9 KB 6ms
6ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 20:37:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31401
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9236
Expires: Tue, 20 Apr 2021 17:57:15 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1BA2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f53f607e-9b51-4f00-bded-95eefbdf38b0

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f53f607e-9b51-4f00-bded-95eefbdf38b0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 20 Apr 2021 09:13:24 GMT
Server: MT3 3660 495c301 master cdg-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f53f607e-9b51-4f00-bded-95eefbdf38b0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Apr 2021 09:13:23 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1BA2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pr2Y2jHvmo4lupzbOu-C2T3pn94lvczaP-gil0dg

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pr2Y2jHvmo4lupzbOu-C2T3pn94lvczaP-gil0dg
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pr2Y2jHvmo4lupzbOu-C2T3pn94lvczaP-gil0dg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1BA2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216024874481726658

43 B
106 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216024874481726658
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216024874481726658
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1BA2 70 B
264 B 36ms
35ms Image
image/gif 18.202.255.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=146f2aca-4ee3-7cbd-c6d0-e5c11dfd384f&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 1BA2 170 B
188 B 17ms
16ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzgwMGY5MDAtODc5NC0yMjE5LWQzMzAtYmY3OGQ3MWZmNjJm

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1BA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJzQZkiWf7t7B1LoLiDijU&google_cver=1

43 B
180 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJzQZkiWf7t7B1LoLiDijU&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELJzQZkiWf7t7B1LoLiDijU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 42F0 0
418 B 43ms
14ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 09:13:54 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 238B 0
346 B 12ms
12ms Image
image/gif 13.224.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=vi&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-24.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 06:33:55 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 9602
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: IfwhQD7x-XdZVlzeh09nrRtS4ArbNdm5cJW9Lw8jz6atOSQUi8jMuQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
9ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=12275&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=10040&an=5452&gi=1&gf=10040&gg=5452&ix=10040&ic=10040&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10040&bx=5452&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9873&cd=5232&ah=9873&am=5232&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=91915815&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:13:58 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
210 B 20ms
16ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=video_skip_shown&ad_mt=5205&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26p0%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1036%26pst%3D440%26dur%3D30000%26vmtime%3D5205%26is%3D18%26i0%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910039338%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:13:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyvOa6b2M8AIVSsW7CB2kawgxEAAYACCA4OFGQhMI56Lh6L2M8AIVGAfgCh2Otw44;met=1;&timestamp=1618910040800;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9FBC 42 B
498 B 60ms
40ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyvOa6b2M8AIVSsW7CB2kawgxEAAYACCA4OFGQhMI56Lh6L2M8AIVGAfgCh2Otw44;met=1;&timestamp=1618910040800;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:14:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 3932 42 B
66 B 26ms
25ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1RQZUZt-YIngIuH33wPAxJxg-9eO_EUAAAAQASDQ2cE0OABY8b3rsIMEYJUCsgEMd3d3LmtvYWEuY29tugELNDQ0eDI1MF94bWzIAQXaARVodHRwczovL3d3dy5rb2FhLmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoHSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhDm2uKPFZAGAaAGI6gH7NUbqAfz0RuoB5bYG9gHAeAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAQ&sigh=nT5T4mcHmFM&label=videoplaytime25&ad_mt=7705&acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1305,420,1555,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7743%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1639%26pst%3D440%26dur%3D30000%26vmtime%3D7705%26dvs%3D0%26dfvs%3D0%26dvpt%3D7724%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D512%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D934194017%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618910041837%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618910033912&sdkv=h.3.452.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2NzAyMTkxMTAyDDEzODM0NjY4NDE0NUDdAVIrCLkFEA8lAADwQSgBOgtKRmg3SzZncklUUUILZ29vZ2xldmlkZW9I-wFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:14:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
6ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&wf=1&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&f=0&j=&t=1618910025868&de=422053362293&rx=562305608803&cu=1618910025868&m=17307&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=11641&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A452%3A452%3A0%3A424&as=1&ag=15072&an=10040&gi=1&gf=15072&gg=10040&ix=15072&ic=15072&ez=1&ck=1147&kw=952&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15072&bx=10040&ci=1147&jz=952&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14905&cd=9873&ah=14905&am=9873&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.koaa&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=833287880&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:14:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:14:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&pxm=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EWSCRIPPSDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.koaa.com%2F&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.koaa.com%2F&id=1&ii=4&cm=11&f=0&j=&t=1618910027833&de=525496044182&cu=1618910027833&m=15959&ar=e4967b0-clean&iw=fb159f6&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11641&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A452%3A452%3A0%3A424&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15141&cd=5115&ah=15141&am=5115&rf=0&re=0&wb=1&cl=0&at=0&d=4753959316%3A2845107808%3A5672689199%3A138347130523&bo=21815357024&bd=21817428238&gw=ewscrippsdfp76939516016&zMoatPS=above%201&zMoatPT=landing%20false&zMoatJS=3%3A-&zMoatMMV=60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatMSafety=safe&zMoatMMV_MAX=60&zMoatMGV_MAX=50&dfpSlotId=MAD_RIGHT_RAIL&zMoatCURL=koaa.com&zMoatDev=Desktop&zMoatDfpSlotId=MAD_RIGHT_RAIL&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&tz=MAD_RIGHT_RAIL&iq=60&tt=50&tu=1&tp=safe&tc=0&fs=189983&na=1656030080&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.koaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 09:14:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 20 Apr 2021 09:14:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/openx?oxid=d9418779-af39-3115-69cd-ab197ea5b395&gdpr=1

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=

Domain: visitor.fiftyt.com
URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=98B9BCDA-2B79-472B-9E66-52F9E1958C44&gdpr=

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/284289

Domain: ads.adaptv.advertising.com
URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Consumable

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=2000&ts=1618910029573&src=pbjs

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=489464&v=8.1&r=%7B%22id%22%3A%221985482911173ca%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22202a31b22b51c24%22%2C%22ext%22%3A%7B%22siteID%22%3A%22489464%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22size%22%3A%5B640%2C480%5D%2C%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22application%2Fx-mpegurl%22%2C%22video%2F3gpp%22%2C%22video%2Fmp4%22%2C%22video%2Fmpeg%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22video%2Fx-m4v%22%2C%22video%2Fx-ms-asf%22%2C%22video%2Fx-ms-wmv%22%2C%22video%2Fx-msvideo%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.koaa.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&nf=1&

Domain: prebid.digitru.st
URL: https://prebid.digitru.st/id/v1

Domain: prebid.digitru.st
URL: https://prebid.digitru.st/id/v1

Domain: stats-dev.brid.tv
URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&apa=0&df=0&os=l&m=0&ow=14722&e=l

Domain: stats-dev.brid.tv
URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=r&aid=0&par=i&pp=0&wp=0&at=0

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-19 19:51:26	Name: uuid2 Value: 9094176334211540787
.tapad.com/	1970-01-19 19:08:14	Name: TapAd_TS Value: 1618910033575
.taboola.com/	1970-01-20 02:27:26	Name: t_gid Value: f2d48841-bbbe-4cd6-a208-199b474d9282-tuct77820d1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3a1c0e8acd2b8520
.tribalfusion.com/	1970-01-19 19:51:26	Name: ANON_ID Value: aBnseFqZbaOE6iPq6fHjh0kNH3SmUM0Pd2aVVFEnqAn3CnyyTjg5yNg0waUMmVMZd6wfbyjuTMe4WWnjjIqrZcG
.bidr.io/	1970-01-20 03:10:23	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 03:10:23	Name: bito Value: AAFVUk7A_TcAACp7pB99bg
.adfarm1.adition.com/	1970-01-19 19:51:26	Name: UserID1 Value: 6953165646913140885
.openx.net/	1970-01-20 02:27:26	Name: i Value: c7c31593-e764-434a-9c06-2d2979da0bb2\|1618910033
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_218 Value: 22978-YH6bUQAATF9iSQBg&KRTB&23194-YH6bUQAATF9iSQBg&KRTB&23209-YH6bUQAATF9iSQBg&KRTB&23244-YH6bUQAATF9iSQBg
.pubmatic.com/	1970-01-19 18:25:02	Name: SPugT Value: 1618910033
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_22 Value: 14911-2881232158985878467
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_1101 Value: 23040-6953165646913140885
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_377 Value: 6810-be92bea9-a5b8-4c39-84c8-6fce267e3a6c&KRTB&22918-be92bea9-a5b8-4c39-84c8-6fce267e3a6c&KRTB&23031-be92bea9-a5b8-4c39-84c8-6fce267e3a6c
.pubmatic.com/	1970-01-19 18:25:02	Name: PugT Value: 1618910033
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_391 Value: 22924-3216024874481726658&KRTB&23263-3216024874481726658
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_1074 Value: 22956-e_861fa4c6-6b76-4bb7-8cc9-f05dab7279fe
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_27 Value: 16735-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&16736-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23019-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0&KRTB&23114-uid:f53f607e-9b51-4f00-bded-95eefbdf38b0
.pubmatic.com/	1970-01-19 22:01:02	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-19 19:51:26	Name: KADUSERCOOKIE Value: 22E346B5-7ED3-4939-B290-170E728F06B5
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_336 Value: 5844-4812760320819240441
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_153 Value: 1923-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&19420-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc&KRTB&22979-opyv1q3OrYK5m6vXps611aHIqNK5nPvWo8lh7dRc
.pubmatic.com/	1970-01-19 18:25:02	Name: KRTBCOOKIE_409 Value: 22966-bIeiiNaRbmamriWcdxKkWrCJ
.pubmatic.com/	1970-01-19 19:51:26	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_466 Value: 16530-a808d6e5-baa6-4e28-934f-1e59ac847241
.ads.pubmatic.com/	1970-01-19 17:43:16	Name: KCCH Value: YES
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_57 Value: 22776-9094176334211540787
.pubmatic.com/	1970-01-19 19:51:26	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 19:51:26	Name: SyncRTB3 Value: 1621468800%3A203%7C1620086400%3A13_8_166_230_54_7_220_222_78_22_81_55_88_176_21_161_231_56_3_165_204_189_71%7C1619481600%3A67_15_223_2%7C1620172800%3A35%7C1619740800%3A63
.tapad.com/	1970-01-19 19:08:14	Name: TapAd_DID Value: ba401b74-a1b8-11eb-bbbb-66bd867ef1ea
.pubmatic.com/	1970-01-19 19:51:26	Name: DPSync3 Value: 1620086400%3A201_227_226_221
.pubmatic.com/	1970-01-19 19:51:26	Name: KRTBCOOKIE_80 Value: 16514-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&22987-CAESECS8ZNfYpdLMgougBqhAtXw&KRTB&23025-CAESECS8ZNfYpdLMgougBqhAtXw
.koaa.com/	1970-01-20 03:03:26	Name: __gads Value: ID=243cafe4b09470ee:T=1618910033:S=ALNI_MYp-FcIsmffXsfdD6Ebc_spf7THrg
.doubleclick.net/	1970-01-20 03:03:26	Name: IDE Value: AHWqTUlLhcTc45PHiWajB9jLZhDMwRiz-VL-U916kIRXnWyzwe6-hM5XZZj0JVODKmw

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: we are running the javascript modules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: inside showcaselist
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: undefined
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: starting the state machine
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: the end of fetchschedules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: STATE ISlive
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: WE ARE TOGGLING LIVE
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.koaa.com/live
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.koaa.com/live
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.koaa.com/live
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: not in breakout
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: true
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: true
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: true
console-api	warning	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 5) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: iframeLoaded called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1618910027774(Line 1) Message: iframeResized called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: loadTrack called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: bindbuttons called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: player ready
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: bindPlayerMethods called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: mutechange event
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: requestAd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: Video start
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1618910029470(Line 20) Message: adStart

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18f46a15319d7453f2f1ebab05c901de.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
9dad271dcfcbf03b12bc705bcc458578.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.ewscloud.com
api.pymx5.com
as-sec.casalemedia.com
assets.scrippsdigital.com
aud.pubmatic.com
bh.contextweb.com
biddr.brealtime.com
browser.sentry-cdn.com
c.amazon-adsystem.com
c.brid.tv
c1.adform.net
cdn.bannersolution.net
cdn.cookielaw.org
cdn.doubleverify.com
cdn.parsely.com
cdn.traileraddict.com
cdnjs.cloudflare.com
clarium.global.ssl.fastly.net
cm.adgrx.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
contextual.media.net
cs.emxdgt.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dd072df9924c140888c93f6705623ea8.safeframe.googlesyndication.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e.serverbid.com
engine.bannersolution.net
eu-u.openx.net
eus.rubiconproject.com
ewscripps.brightspotcdn.com
fonts.googleapis.com
fonts.gstatic.com
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
includemodal.com
includemodal.global.ssl.fastly.net
koaa.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mb.moatads.com
mwzeom.zeotap.com
p.brid.tv
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.digitru.st
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
pymx5.com
r3---sn-4g5ednse.gvt1.com
redirector.gvt1.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
services.brid.tv
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats-dev.brid.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20234.doubleverify.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
v.traileraddict.com
videoads.ewscloud.com
visitor.fiftyt.com
vtrdn-wjdav.ads.tremorhub.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.koaa.com
www.tickcounter.com
x.bidswitch.net
yummy.consumable.com
z.moatads.com
ads.adaptv.advertising.com
as-sec.casalemedia.com
bh.contextweb.com
dsp.adfarm1.adition.com
hb.emxdgt.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
prebid.digitru.st
search.spotxchange.com
stats-dev.brid.tv
um.simpli.fi
visitor.fiftyt.com
104.111.230.142
104.17.119.107
104.84.56.24
13.224.102.24
13.224.102.56
13.224.102.57
13.224.102.63
13.224.102.90
13.224.103.105
13.224.96.38
13.32.25.103
13.32.25.122
13.32.25.20
13.32.25.46
134.209.131.220
142.250.185.130
142.250.186.98
151.101.113.108
151.101.113.194
151.101.13.194
151.101.13.44
151.101.14.49
159.253.128.188
165.227.252.242
169.197.150.7
172.217.18.102
172.217.18.98
172.217.23.98
178.162.133.148
178.162.133.149
178.162.133.150
178.250.0.163
178.62.202.251
18.156.0.31
18.159.17.140
18.195.155.181
18.197.47.23
18.202.255.125
184.30.20.198
184.30.20.241
184.30.21.162
185.29.135.227
185.29.135.234
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
198.148.27.139
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.166
213.254.244.26
216.52.2.30
23.111.9.35
23.79.143.124
2600:1f18:612b:4216:b3d7:e742:13a8:bd05
2600:1f18:612b:4232:d8ff:eb32:9f2d:cd3f
2600:9000:2057:2600:9:4c16:5180:21
2600:9000:2057:5c00:d:77c3:2dc0:21
2600:9000:211e:4200:10:618e:d880:93a1
2600:9000:2190:5200:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:236
2606:4700:20::681a:336
2606:4700:3039::6815:c035
2606:4700::6810:135e
2606:4700::6810:9440
2606:4700::6812:d05
2607:f8b0:4006:807::2003
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:69::8
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:803::200a
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c0d::9c
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba18
2a02:26f0:7100:1aa::4469
2a02:26f0:7100:298::19fd
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42::729
3.126.56.137
3.141.126.26
34.249.123.233
34.96.74.203
34.98.107.212
35.156.153.71
35.158.19.244
35.173.69.207
35.186.253.211
35.201.96.126
35.227.203.93
35.227.248.159
35.244.159.8
37.157.3.30
37.252.172.38
37.48.77.133
51.68.39.188
52.30.184.164
52.49.202.212
52.58.146.86
54.144.144.142
65.9.66.37
66.155.71.25
69.173.144.165
72.251.241.196
77.243.60.138
85.114.159.93
87.98.128.108
89.149.201.75
99.86.2.98
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d37ed7a882409d5ab1097af48b4466eeae564774e8b331a60552cd1b12c1f85
0d708e0dc50c60616a0ac694cc095518e3aa9a133a7d73f1127c1f8717f3b2db
0f0d40ebbcf7ed3bce383c136f6f4820ebc6d5705c1eaff16780d5d470082b87
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
119679dc965803b69e2ab62236c0751a6e84588c981f5527369f337dd9188e36
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1314465e7736d414ff6f92885818c878f0716ef30c1a1f0046e35535f9f730ee
13ff01508e9e4f1a98273cd84a35da402b3c384276b4efba5aad14fb68318180
1555faed5dbb0664285f114e53c271e3e0bd7c32ba14b97893f8f95214ac0bcf
15c89258ac60abfacc2f4bf75d2495571f0c33afeb68cbd12c21b97dfb2090d5
17c4b81dabfd36ca30e8f48f6b0218dafa1843ebecc4f6abec945ea4c2c66511
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2029b43811b3fc809323aeedc380d77e061fa58d500fed32e174d1b7f046c817
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff
25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f50684160db25af98afa3d4fe86a02032758c200e7d661ecee5eca14616e799
31aff64d0957bacb78a34911b9e8318b0c6d506429ee72bf7d07ae06e691a5d3
326d77891415f82cdfafe9b74ede6ba52b2a3f2c33efd26ee18a7ce9053f31c7
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
35d7b92cfe9bb26392d14898537e4ce28d29f3782e4b2460a4cfbcd66e29d4bc
36480f7e278883138b416e8ba5211586b03228b956b500e2c0a2fecc4a7fc79c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb
37bc77fe45d45a9d3a304ff0ebbe74ea4604d66fab8e36091e81ac07ad3838d2
3b4f0b2d84803872a7ae605569a0a3e55a47abb250fa420557a57ca579f1946e
3e79c9ffd98e2288fc7c4c640854c6293d8f0a9342225f0eab90354877cad3ed
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff55a109889e9f4955e9b2d799d2d9dcc369ec010b0206398274b34604a6cd5
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
4189888d001d2b0bf74b5d86228666270f48b356a5253f2a31b85277ed70b25d
4301a32c074c0c9f05a626a845b7501fe46a474e868666227c1184fdedec8a37
434cc2ad4b3621f5d6631d2e30a25f1bddc2bc5ea8548236d70698b00578ffc4
448b56c48cc31120d24af77157d2b0e6a7599a1ed16f285903b8ea9ab0864eaf
44b26417381d2bf64ad905bcdb41f754fea8a9f9f0da71543545e62ffb39bd6f
452f5d064161c6c40ed62e24fcf6b4333f3031f84e66515e5eaee99554cd185c
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
48123cf29a674b797815343c767cfd0a0a2d2b5b09a88a35b089cc6c7b663cf0
485184aa02356172ca92a02ff02816425b7c207e6c1c6a2d05a7c8a2eafec22a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
4925165c70b3264de4eb9fcb82c4e25329fd65e6ee1b1fcc336af0e72d011b58
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
49f3439fc1fb98c85427a13ce3ad575facceb040f1fb8095ddbdb87da39caa4f
4a6eba27414d5ee9e65bb0a28fda83f4e6cfdd4daa3b421db71f4603124260a3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed326ec790ba40d677bde8996ef16856aa31caa4f04acf688b2bbc6b678fa81
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb10251d6a59a6063ff281464dd9aac4b7cec8136158cca1283250f68712c71
4fb112cfb11172b08332d18d43ded494923882c833e0769a9e6bc77f2c9d09de
50074d51ee62cfec0eefe71c66981b27677c03a71a166839ab6b1f55758717a5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d1f2e7670b557b1b312fe042640c777a68e7eb663b1eff53cefb957edbad03
5319e11b7cb74dba3b415b0c4c5cc26a11f8108d4fe8bdf0b5ae3ffc439007cd
554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57d477289405fa89bcf748f76a4a9742045557c0a678a0e1379cfb889e3c15e7
58a2f6a841e952c59656d9f137458fc7e1d31b0675e1d3c6862356b7f877c57b
58bdd89b53ded47f1781eb20d8c610546582a41ba0462d610d03a700b389bd40
5ad95459be7613f5f4bd435d5a7fc55265fee5b86bdefb39bd5eadb7cbcc3d40
6127a41b0cb4ecdbf2b95669560589ee2cd011e730a7ecb10b3082017ac9d3d0
62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78
62a9e74bf710eef13b81f56375fc7e24c8b91050fa9ba66a75e9a3f35aece8f5
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8a8c60ca7b9df552cf44c2df2866680f73f88c291a1d85f5a52cdd11f8e892
6e77e564ccb6c3e2618488ec9e14517dc120e14d0073b579d64b9dd26b4f8088
6fdfbb21f12a4e5f7f13435ba02d698426da4b51c2eddca3f98e7ce0cb4b481e
727823e6ebd1c140c38e1c1d201ee0d37bf9dc549661986eb712e01d657283ba
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
737a225da6d4325c77d5a746d9c6221723e69ca32a5c5782bba666f74f5cef77
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74969208f44bc56bd878ac33d193c26a990c5560575f7ff8eea8fb75ba5f9b45
76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22
77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad
78862fceb28d06e4cc3de1d931443552a9616c2b8a066393c4f9d6fd0ff68de8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f
7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca
816ec15320bc188289bf0b847b8ecb30c0986ef983ec40b8c4e1b9d4273273a1
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d28f9b9d2637758eebe28d657e3ef7cd3a480634c8d23886dfd33f862fe245
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c4bbb725b9841108d806a44ccf23bc6f369d2e7f325941b0871498473cac1dc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966
921c1d956fb29a553a69185344a6d58aa553143e22400146222c9851d633a4b2
921f2753bc6f0ebc9bd8e04edc20d0eeca1ac33fc9d07c906ce927558979370e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9580316c6847511f484180e294c363f4f57585f390ad40a4925dcb2ecac72df4
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96a373018f6dd494f2452b541b7fefb5e325a6013acfae3821882a51ea528c65
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b44784210dc4d49e0011783bbee473ab4582b284ad092a49b8d113ea9c28158
9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9
9e23b926e2e75970ad4048a0870212de78a740bc00545de81e7db21202e06afe
a05442bd9be96a8e1fe5e7b3541a22f0888ded3651c2732b96c484111f6448c9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a239f6ad26a7a681f430311ea92b5ac7bab6a0df90ab13e3071ed342132ebece
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26d702b27731190494cc024a3815a9b86123b921bbb8c2547de2a52237fd2be
a371368f6d286cf7a9b2948f9b4aeab8eda077d5a5a86ee785bade5d3dc08d0a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aaacb8a03a57a0e8c4898abf80595a0b792a2005fcc65a4476b4ffda458bff28
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5
aad225f19a6d1133bc3f1a926c70a022d35a973ff2375e2212ab9eea9338f38a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f7f91ff3b3cc55275bff2859dcd08962e5e34aac3d77e5f40e8beffe2cc272
b6ea3f723e214b7646d9b6c3e89619f209f729a58f74f58ca4443aaffe0d275e
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b8e3a639d96e3174df607eeef52b51ce1f4ffebda05d9e09fe39d81291e05414
b94bbf83e105e20a992cc0bc65be679f1301605719ed2649c77be563245838ae
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bf062384c8d059bdd884e66ece62ef33453a54cd536fede02f34f2b9d732cae8
c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f
c1636869499b6703f251bd9d1bb9a6caff9cd7c26a09616971b9237d3472f36d
c266c66c191d269c13a0925d0b50f3e2ac7362be9c0ddaef4c914900660a5b83
c333ac4887b00fce807cf24b1a6787bf7f56069737c099cac04dd5b7f8bce9d4
c3489e2ab634b6168cddcf63d45ae80f3ddb461149356349dff0901a8cc0d003
c38faed114391071afeda7600dea39b91e594565e82a87540c7db86058c8e226
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c41dae510b615df483a29bd00ef9d1224409a7dd96990f85bb78818335b0a475
c47ff4085e63e5d87a7fa426d2966f242c0b79b772675e3f8a5dcf2c9a5f73a7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4
c9640b4008edd77014c3d31defa43f80015daf003dd0db7e80d4df387b846505
cc7c8d8e39f21b4af2031307ca6853f4ba39bfb10d063c58ceae2acbbadb1c33
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1de5bc59f340108aefde96cdcb6dc4d268322cd07b55ed556ccbab195d87207
d1f2e3dabbc5994ee54433d1f66cb8a8140146dafece034339b56201ce9df47e
d227a87beb54f6759bd639c65a3d46f0dbf02eec99ed3b461619a4bdbe176c90
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d5ac06a99397670c3fbdc08a77fa082996058a847fb19e7075712be21269a922
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86
d7229b2a53e66eda3fb318b555fc6d3c244e5219db8f705287989010f7e836f8
dad57adb77b749ec89a8214c67113c2da5080669f13ef0b2acecb114f016a052
db137a6af0c93b9e8a4303780ce166ecd74bd208e7f55f0f79ea741c88f8e9b3
dc030345988f5d46c09d998dd5c8cc49bb6283d5f8ae31dc21422db7c4f48677
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de212bff4bdc406ec8148359035d00ec07a06bde5af96b14b9da14af80eb85dc
e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7
e2917e43bcced97aaa9ee01f478e34e859a3c9803fe5359c4645bd1476365abe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff042b865c26b62b2e24e0394df07049bd931901fd1982d0d585038e7c1bb4
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e46728896fd2a8bba0e49636f3aa9b57579898539566035195f9b065137fd846
eaaaeb4522438f39641324e740212e05a991bc9c71e72fd5c77a5f013a6174a5
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f189a6458a3cf9f123e7c977d9f7d631d64859613706311f4169499247e85c01
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f3a2e1fd1584db96511ebdb54441671a50535fa5dd1d4211fe4c5a7e17853709
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
f454d26f3259b2d12bce887d018bfc8f42b209437c2fe1cd6b489221c2f3675e
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596
fb42412562a078c6b585cd6dc433b18992adb7cd2f6b18f2c0d06f191fe836d2
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f
fe5dee2d67a785d1837040865f6c858283a36355a3a01ce1b5fb7fdbf370dfa0

www.koaa.com Open in urlscan Pro 13.32.25.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

405 Requests

96 %HTTPS

32 %IPv6

84 Domains

147 Subdomains

102 IPs

9 Countries

8386 kBTransfer

15952 kBSize

34 Cookies

16 Outgoing links

Page URL History

Redirected requests

405 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.koaa.com Open in urlscan Pro
13.32.25.122 Public Scan

Screenshot
Live screenshot

Full Image

405
Requests

96 %
HTTPS

32 %
IPv6

84
Domains

147
Subdomains

102
IPs

9
Countries

8386 kB
Transfer

15952 kB
Size

34
Cookies

405 HTTP transactions
5 data transactions