urlscan.io logo urlscan.io
SecurityTrails logo

khak.com Open in urlscan Pro
192.229.163.47  Public Scan

Go To Rescan Add Verdict Report
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Submission: On September 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 10 countries across 100 domains to perform 415 HTTP transactions. The main IP is 192.229.163.47, located in United States and belongs to EDGECAST, US. The main domain is khak.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 27th 2021. Valid for: a year.
This is the only time khak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 192.229.163.47 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
14 192.229.233.181 15133 (EDGECAST)
1 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.90 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 13 23.218.208.246 16625 (AKAMAI-AS)
1 192.229.233.218 15133 (EDGECAST)
1 52.207.40.92 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f22... 32934 (FACEBOOK)
1 2 2a03:2880:f22... 32934 (FACEBOOK)
2 34.95.69.49 15169 (GOOGLE)
2 104.111.219.144 16625 (AKAMAI-AS)
5 143.204.95.188 16509 (AMAZON-02)
4 199.232.136.157 54113 (FASTLY)
5 2a03:2880:f02... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 18 13.248.242.197 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.11 20446 (HIGHWINDS3)
7 2a03:2880:f12... 32934 (FACEBOOK)
2 2.18.232.7 16625 (AKAMAI-AS)
4 32 34.98.64.218 15169 (GOOGLE)
2 34.107.148.139 15169 (GOOGLE)
5 2602:803:c003... 26667 (RUBICONPR...)
7 10 37.252.173.22 29990 (ASN-APPNEX)
5 54.77.47.243 16509 (AMAZON-02)
12 165.227.252.242 14061 (DIGITALOC...)
2 143.204.98.76 16509 (AMAZON-02)
2 178.162.133.150 60781 (LEASEWEB-...)
2 52.28.89.176 16509 (AMAZON-02)
2 52.57.38.203 16509 (AMAZON-02)
2 23.37.38.181 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
9 2a00:1450:400... 15169 (GOOGLE)
3 50.19.31.75 14618 (AMAZON-AES)
4 104.111.247.126 16625 (AKAMAI-AS)
2 18.232.13.40 14618 (AMAZON-AES)
2 34.226.117.177 14618 (AMAZON-AES)
2 104.244.42.136 13414 (TWITTER)
2 143.204.98.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 2a00:1450:400... 15169 (GOOGLE)
3 143.204.98.113 16509 (AMAZON-02)
1 143.204.98.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.186.102 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 143.204.98.87 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.5 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
7 23.218.208.200 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 6 72.251.249.9 29791 (VOXEL-DOT...)
6 147.75.38.124 54825 (PACKET)
3 4 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 1 3.92.246.31 14618 (AMAZON-AES)
1 52.0.73.248 14618 (AMAZON-AES)
2 2 206.189.254.17 14061 (DIGITALOC...)
2 205.185.216.10 20446 (HIGHWINDS3)
11 17 142.250.185.98 15169 (GOOGLE)
4 14 13.248.245.213 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
6 20 23.37.42.132 16625 (AKAMAI-AS)
2 184.30.24.22 16625 (AKAMAI-AS)
3 3 37.252.172.249 29990 (ASN-APPNEX)
7 10 18.194.59.214 16509 (AMAZON-02)
2 185.64.189.115 62713 (AS-PUBMATIC)
4 4 3.123.143.157 16509 (AMAZON-02)
9 11 54.77.6.213 16509 (AMAZON-02)
5 5 185.64.190.80 62713 (AS-PUBMATIC)
3 3 198.148.27.140 19189 (PULSEPOINT)
2 185.86.137.133 201081 (SMARTADSE...)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.2.236 198622 (ADFORM)
12 107.23.252.174 14618 (AMAZON-AES)
7 8 18.197.99.6 16509 (AMAZON-02)
9 9 18.156.0.31 16509 (AMAZON-02)
7 69.173.144.165 26667 (RUBICONPR...)
2 2 88.214.206.142 46636 (NATCOWEB)
6 6 185.64.190.79 62713 (AS-PUBMATIC)
2 2 185.64.189.114 62713 (AS-PUBMATIC)
2 2620:119:50e1... 14413 (LINKEDIN)
3 4 2a00:1288:110... 34010 (YAHOO-IRD)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 52.46.133.124 16509 (AMAZON-02)
2 2 70.42.32.31 13789 (INTERNAP-...)
3 3 2001:678:cb4:... 56396 (AMOBEE)
2 18.195.155.181 16509 (AMAZON-02)
2 178.162.133.148 60781 (LEASEWEB-...)
2 152.199.22.191 15133 (EDGECAST)
22 193.122.128.135 31898 (ORACLE-BM...)
2 178.162.133.149 60781 (LEASEWEB-...)
2 104.16.190.66 13335 (CLOUDFLAR...)
2 67.202.105.23 32748 (STEADFAST)
2 51.89.9.254 16276 (OVH)
6 9 213.19.147.45 26120 (RHYTHMONE)
4 8 3.216.159.172 14618 (AMAZON-AES)
4 4 185.94.180.125 35220 (SPOTX-AMS)
2 2 2a04:4e42:200... 54113 (FASTLY)
2 151.101.129.44 54113 (FASTLY)
2 2 18.196.16.240 16509 (AMAZON-02)
2 38.27.122.101 174 (COGENT-174)
1 1 159.253.128.188 36351 (SOFTLAYER)
1 2 3.125.251.122 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 52.35.90.9 16509 (AMAZON-02)
4 4 151.101.2.49 54113 (FASTLY)
2 2 188.165.137.78 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
2 3 52.18.12.237 16509 (AMAZON-02)
1 2 35.186.253.211 15169 (GOOGLE)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 104.111.218.85 16625 (AKAMAI-AS)
1 216.52.2.30 30282 (AS-INAPCD...)
1 104.111.242.245 16625 (AKAMAI-AS)
1 34.96.105.8 15169 (GOOGLE)
1 2 52.95.126.160 16509 (AMAZON-02)
1 1 54.175.176.13 14618 (AMAZON-AES)
2 2 135.125.160.160 16276 (OVH)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
2 8.43.72.97 26667 (RUBICONPR...)
1 54.36.109.166 16276 (OVH)
1 54.218.247.33 ()
415 114
28    192.229.163.47 (United States)

ASN15133 (EDGECAST, US)
khak.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    192.229.233.181 (Los Angeles, United States)

ASN15133 (EDGECAST, US)
townsquare.media
1    2600:9000:2156:9000:7:7419:8e80:21 (United States)

ASN16509 (AMAZON-02, US)
doi3unldljdx6.cloudfront.net.
1    143.204.98.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net
native.sharethrough.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
13    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
1    192.229.233.218 (Los Angeles, United States)

ASN15133 (EDGECAST, US)
cdn.production.townsquareblogs.com
1    52.207.40.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-40-92.compute-1.amazonaws.com
embed.air.tv
8    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
4    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
5    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
18    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
cdn-sp-s3.air.tv
7    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
32    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
townsquaremedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
12    165.227.252.242 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
2    143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
hb.undertone.com
2    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    52.28.89.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-89-176.eu-central-1.compute.amazonaws.com
krk.kargo.com
2    52.57.38.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-38-203.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
9    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    50.19.31.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-31-75.compute-1.amazonaws.com
www.zergnet.com
4    104.111.247.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com
cdn.conversant.mgr.consensu.org
2    18.232.13.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-13-40.compute-1.amazonaws.com
events.air.tv
2    34.226.117.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-117-177.compute-1.amazonaws.com
counts.air.tv
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    143.204.98.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-89.fra50.r.cloudfront.net
static.solutionshindsight.net
1    2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
api.conversant.mgr.consensu.org
openx2-match.dotomi.com
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net
img2.zergnet.com
img4.zergnet.com
1    143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net
img5.zergnet.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2606:4700::6812:a4f (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
sb.scorecardresearch.com
cm.smadex.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    143.204.98.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net
api.solutionshindsight.net
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
7    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700::6812:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    3.92.246.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-246-31.compute-1.amazonaws.com
px.britepool.com
1    52.0.73.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-73-248.compute-1.amazonaws.com
thrtle.com
2    206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
2    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
17    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
14    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2600:9000:2156:8000:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
20    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
contextual.media.net
3    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
10    18.194.59.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com
pm.w55c.net
11    54.77.6.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
12    107.23.252.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-252-174.compute-1.amazonaws.com
usr.undertone.com
8    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
pixel.advertising.com
9    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
6    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    178.162.133.148 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com
go.sonobi.com
2    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
22    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
uat-net.technoratimedia.com
2    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
2    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
pixel.33across.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
9    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    3.216.159.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-159-172.compute-1.amazonaws.com
sync.bfmio.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    18.196.16.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-16-240.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    3.125.251.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-251-122.eu-central-1.compute.amazonaws.com
j.mrpdata.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    52.35.90.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-90-9.us-west-2.compute.amazonaws.com
match.justpremium.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
3    52.18.12.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-176-13.compute-1.amazonaws.com
sync.ipredictive.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    54.36.109.166 (France)

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com
id5-sync.com
1    54.218.247.33 (None, )

ASN- ()
id.sharedid.org
Apex Domain
Subdomains		 Transfer
37 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
89 KB
34 openx.net
townsquaremedia-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
8 KB
28 khak.com
khak.com
301 KB
27 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
265 KB
24 technoratimedia.com
ad-cdn.technoratimedia.com
sync.technoratimedia.com
uat-net.technoratimedia.com
18 KB
23 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image8.pubmatic.com
image4.pubmatic.com
109 KB
18 adsrvr.org
match.adsrvr.org
7 KB
17 google-analytics.com
www.google-analytics.com
21 KB
16 3lift.com
tlx.3lift.com
eb2.3lift.com
10 KB
16 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
8 KB
14 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
12 KB
14 serverbid.com
e.serverbid.com
sync.serverbid.com
962 B
14 townsquare.media
townsquare.media
920 KB
13 adnxs.com
ib.adnxs.com
secure.adnxs.com
21 KB
12 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
8 KB
12 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
101 KB
11 bidr.io
match.prod.bidr.io
5 KB
11 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
43 KB
10 bidswitch.net
x.bidswitch.net
3 KB
10 google.com
apis.google.com
www.google.com
accounts.google.com
219 KB
9 youtube.com
www.youtube.com
172 KB
8 bfmio.com
sync.bfmio.com
2 KB
8 advertising.com
pixel.advertising.com
2 KB
7 1rx.io
sync.1rx.io
3 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
4 KB
7 consensu.org
cdn.conversant.mgr.consensu.org
api.conversant.mgr.consensu.org
188 KB
7 zergnet.com
www.zergnet.com
img2.zergnet.com
img5.zergnet.com
img4.zergnet.com
77 KB
7 facebook.com
www.facebook.com
2 KB
6 criteo.com
gum.criteo.com
mug.criteo.com
2 KB
6 a-mo.net
prebid.a-mo.net
1 KB
6 sonobi.com
apex.go.sonobi.com
go.sonobi.com
sync.go.sonobi.com
4 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
148 KB
6 air.tv
embed.air.tv
cdn-sp-s3.air.tv
events.air.tv
counts.air.tv
104 KB
5 gumgum.com
g2.gumgum.com
rtb.gumgum.com
6 KB
5 facebook.net
connect.facebook.net
391 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 taboola.com
trc.taboola.com
match.taboola.com
682 B
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 adform.net
c1.adform.net
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 solutionshindsight.net
static.solutionshindsight.net
api.solutionshindsight.net
24 KB
4 media.net
prebid.media.net
contextual.media.net
16 KB
3 crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
2 KB
3 turn.com
ad.turn.com
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 teads.tv
a.teads.tv
sync.teads.tv
658 B
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
3 indexww.com
js-sec.indexww.com
16 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 onaudience.com
pixel.onaudience.com
1021 B
2 erne.co
green.erne.co
573 B
2 mrpdata.net
j.mrpdata.net
538 B
2 bnmla.com
match.bnmla.com
228 B
2 360yield.com
ad.360yield.com
426 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
978 B
2 onetag-sys.com
onetag-sys.com
2 KB
2 33across.com
pixel.33across.com
2 districtm.io
cdn.districtm.io
2 emxdgt.com
cs.emxdgt.com
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
734 B
2 linkedin.com
px.ads.linkedin.com
881 B
2 admanmedia.com
cs.admanmedia.com
1018 B
2 quantserve.com
pixel.quantserve.com
994 B
2 mathtag.com
sync.mathtag.com
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com
326 B
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
11 KB
2 4dex.io
script.4dex.io
22 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
102 KB
2 media6degrees.com
action.media6degrees.com
376 B
2 dstillery.com
action.dstillery.com
354 B
2 btloader.com
btloader.com
api.btloader.com
11 KB
2 dotomi.com
proc.ad.cpe.dotomi.com
openx2-match.dotomi.com
721 B
2 kargo.com
krk.kargo.com
1 KB
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
323 B
2 fastclick.net
secure.cdn.fastclick.net
19 KB
2 clean.gg
i.clean.gg
104 B
2 googleapis.com
fonts.googleapis.com
storage.googleapis.com
12 KB
1 sharedid.org
id.sharedid.org
209 B
1 id5-sync.com
id5-sync.com
526 B
1 ipredictive.com
sync.ipredictive.com
437 B
1 blismedia.com
tr.blismedia.com
140 B
1 yieldlab.net
ad.yieldlab.net
522 B
1 rfihub.com
p.rfihub.com
760 B
1 justpremium.com
match.justpremium.com
322 B
1 sitescout.com
pixel-sync.sitescout.com
280 B
1 simpli.fi
um.simpli.fi
611 B
1 smadex.com
cm.smadex.com
527 B
1 thrtle.com
thrtle.com
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 scorecardresearch.com
sb.scorecardresearch.com
1 KB
1 ad-delivery.net
ad-delivery.net
1004 B
1 googletagmanager.com
www.googletagmanager.com
41 KB
1 googlesyndication.com
pagead2.googlesyndication.com
49 KB
1 google.de
www.google.de
522 B
1 townsquareblogs.com
cdn.production.townsquareblogs.com
94 KB
1 googletagservices.com
www.googletagservices.com
26 KB
1 sharethrough.com
native.sharethrough.com
71 KB
1 net.
doi3unldljdx6.cloudfront.net.
39 KB
0 demdex.net Failed
dpm.demdex.net Failed
415 100
Domain Requested by
28 khak.com khak.com
doi3unldljdx6.cloudfront.net.
18 us-u.openx.net 3 redirects eu-u.openx.net
ad-cdn.technoratimedia.com
us-u.openx.net
18 match.adsrvr.org 10 redirects js-sec.indexww.com
doi3unldljdx6.cloudfront.net.
eu-u.openx.net
eb2.3lift.com
ads.pubmatic.com
17 cm.g.doubleclick.net 11 redirects doi3unldljdx6.cloudfront.net.
eu-u.openx.net
eb2.3lift.com
17 www.google-analytics.com khak.com
www.google-analytics.com
14 eus.rubiconproject.com doi3unldljdx6.cloudfront.net.
cdn.undertone.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ad-cdn.technoratimedia.com
14 eb2.3lift.com 4 redirects doi3unldljdx6.cloudfront.net.
eb2.3lift.com
14 townsquare.media khak.com
doi3unldljdx6.cloudfront.net.
12 uat-net.technoratimedia.com ad-cdn.technoratimedia.com
12 usr.undertone.com cdn.undertone.com
12 eu-u.openx.net 1 redirects doi3unldljdx6.cloudfront.net.
eu-u.openx.net
us-u.openx.net
12 e.serverbid.com cdn.production.townsquareblogs.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
11 match.prod.bidr.io 9 redirects ad-cdn.technoratimedia.com
10 sync.technoratimedia.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ad-cdn.technoratimedia.com
us-u.openx.net
10 x.bidswitch.net 7 redirects eb2.3lift.com
10 ib.adnxs.com 7 redirects cdn.production.townsquareblogs.com
khak.com
9 ups.analytics.yahoo.com 9 redirects
9 www.youtube.com doi3unldljdx6.cloudfront.net.
www.youtube.com
8 sync.bfmio.com 4 redirects ad-cdn.technoratimedia.com
8 pixel.advertising.com 7 redirects us-u.openx.net
8 ssum-sec.casalemedia.com 6 redirects js-sec.indexww.com
8 apis.google.com khak.com
doi3unldljdx6.cloudfront.net.
www.youtube.com
accounts.google.com
apis.google.com
7 sync.1rx.io 4 redirects ad-cdn.technoratimedia.com
us-u.openx.net
7 pixel.rubiconproject.com cdn.undertone.com
7 ads.pubmatic.com khak.com
doi3unldljdx6.cloudfront.net.
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ad-cdn.technoratimedia.com
7 www.facebook.com khak.com
doi3unldljdx6.cloudfront.net.
6 image8.pubmatic.com 6 redirects
6 secure-assets.rubiconproject.com 6 redirects
6 prebid.a-mo.net khak.com
6 ap.lijit.com 5 redirects khak.com
6 ssl.gstatic.com accounts.google.com
khak.com
6 fonts.gstatic.com fonts.googleapis.com
5 image2.pubmatic.com 5 redirects
5 fastlane.rubiconproject.com cdn.production.townsquareblogs.com
5 stats.g.doubleclick.net www.google-analytics.com
5 connect.facebook.net doi3unldljdx6.cloudfront.net.
5 c.amazon-adsystem.com doi3unldljdx6.cloudfront.net.
c.amazon-adsystem.com
4 sync-tm.everesttech.net 4 redirects
4 sync.search.spotxchange.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
4 pr-bh.ybp.yahoo.com 3 redirects us-u.openx.net
4 c1.adform.net 4 redirects
4 pm.w55c.net 4 redirects
4 gum.criteo.com 3 redirects
4 cdn.conversant.mgr.consensu.org doi3unldljdx6.cloudfront.net.
cdn.conversant.mgr.consensu.org
4 g2.gumgum.com cdn.production.townsquareblogs.com
4 securepubads.g.doubleclick.net doi3unldljdx6.cloudfront.net.
www.googletagservices.com
khak.com
4 platform.twitter.com doi3unldljdx6.cloudfront.net.
3 token.rubiconproject.com 3 redirects
3 ad.turn.com 3 redirects
3 bh.contextweb.com 3 redirects
3 secure.adnxs.com 3 redirects
3 api.conversant.mgr.consensu.org cdn.conversant.mgr.consensu.org
3 www.zergnet.com doi3unldljdx6.cloudfront.net.
3 js-sec.indexww.com khak.com
doi3unldljdx6.cloudfront.net.
2 pixel-us-east.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ad-cdn.technoratimedia.com
2 gu.dyntrk.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects us-u.openx.net
2 rtb.openx.net 1 redirects us-u.openx.net
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 green.erne.co 2 redirects
2 j.mrpdata.net 1 redirects us-u.openx.net
2 match.bnmla.com ad-cdn.technoratimedia.com
2 ad.360yield.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 match.taboola.com ad-cdn.technoratimedia.com
2 trc.taboola.com 2 redirects
2 onetag-sys.com ad-cdn.technoratimedia.com
2 pixel.33across.com ad-cdn.technoratimedia.com
2 cdn.districtm.io ad-cdn.technoratimedia.com
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ad-cdn.technoratimedia.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 cs.emxdgt.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 image4.pubmatic.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 rtb-csync.smartadserver.com eu-u.openx.net
2 image6.pubmatic.com ads.pubmatic.com
2 contextual.media.net doi3unldljdx6.cloudfront.net.
2 cdn.undertone.com doi3unldljdx6.cloudfront.net.
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com doi3unldljdx6.cloudfront.net.
2 sync.serverbid.com 2 redirects
2 mug.criteo.com
2 script.4dex.io khak.com
2 confiant-integrations.global.ssl.fastly.net khak.com
2 api.solutionshindsight.net doi3unldljdx6.cloudfront.net.
2 action.media6degrees.com khak.com
2 action.dstillery.com 2 redirects
2 img2.zergnet.com khak.com
2 static.solutionshindsight.net doi3unldljdx6.cloudfront.net.
2 syndication.twitter.com platform.twitter.com
khak.com
2 counts.air.tv cdn-sp-s3.air.tv
2 events.air.tv cdn-sp-s3.air.tv
2 htlb.casalemedia.com cdn.production.townsquareblogs.com
2 tlx.3lift.com cdn.production.townsquareblogs.com
2 krk.kargo.com cdn.production.townsquareblogs.com
2 apex.go.sonobi.com cdn.production.townsquareblogs.com
2 hb.undertone.com cdn.production.townsquareblogs.com
2 prebid.media.net cdn.production.townsquareblogs.com
2 townsquaremedia-d.openx.net cdn.production.townsquareblogs.com
2 a.teads.tv cdn.production.townsquareblogs.com
2 secure.cdn.fastclick.net khak.com
doi3unldljdx6.cloudfront.net.
2 i.clean.gg doi3unldljdx6.cloudfront.net.
2 www.instagram.com 1 redirects khak.com
1 ssum.casalemedia.com 1 redirects
1 id.sharedid.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 sync.ipredictive.com 1 redirects
1 tr.blismedia.com us-u.openx.net
1 sync.teads.tv us-u.openx.net
1 ce.lijit.com us-u.openx.net
1 ad.yieldlab.net us-u.openx.net
1 p.rfihub.com 1 redirects
1 match.justpremium.com us-u.openx.net
1 pixel-sync.sitescout.com 1 redirects
1 openx2-match.dotomi.com us-u.openx.net
1 um.simpli.fi 1 redirects
1 cm.smadex.com 1 redirects
1 rtb.gumgum.com
1 thrtle.com
1 px.britepool.com 1 redirects
1 storage.googleapis.com khak.com
1 api.btloader.com btloader.com
1 sb.scorecardresearch.com doi3unldljdx6.cloudfront.net.
1 ad-delivery.net khak.com
1 ad.doubleclick.net khak.com
1 btloader.com doi3unldljdx6.cloudfront.net.
1 www.googletagmanager.com doi3unldljdx6.cloudfront.net.
1 img4.zergnet.com khak.com
1 img5.zergnet.com khak.com
1 accounts.google.com doi3unldljdx6.cloudfront.net.
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 cdn-sp-s3.air.tv doi3unldljdx6.cloudfront.net.
1 pagead2.googlesyndication.com doi3unldljdx6.cloudfront.net.
1 www.google.de khak.com
1 www.google.com khak.com
1 api.rlcdn.com js-sec.indexww.com
ads.pubmatic.com
1 platform.instagram.com 1 redirects
1 embed.air.tv khak.com
1 cdn.production.townsquareblogs.com khak.com
1 www.googletagservices.com khak.com
1 native.sharethrough.com khak.com
1 doi3unldljdx6.cloudfront.net. khak.com
1 fonts.googleapis.com khak.com
0 api.britepool.com Failed ads.pubmatic.com
0 dpm.demdex.net Failed
415 157

This site contains links to these domains. Also see Links.

Domain
americaontap.com
download
help
www.seizethedeal.com
music.apple.com
youtube.com
www.facebook.com
twitter.com
www.instagram.com
unsplash.com
www.thegazette.com
www.justice.gov
thestacker.com
www.britannica.com
www.history.com
history.house.gov
www.govtrack.us
immigrationtounitedstates.org
www.npr.org
supreme.justia.com
fee.org
www.politico.com
blogs.loc.gov
history.state.gov
time.com
www.washingtonpost.com
www.dol.gov
www.encyclopedia.com
www.usflag.org
encyclopedia.densho.org
www.federalreservehistory.org
www.epa.gov
www.cia.gov
constitutioncenter.org
ballotpedia.org
www.sba.gov
www.nlrb.gov
www.historylearningsite.co.uk
library.cqpress.com
www.forbes.com
www.americanbar.org
now.org
www.plannedparenthoodaction.org
epic.org
www.understood.org
www.bitlaw.com
www.congress.gov
www.oyez.org
www.ncbi.nlm.nih.gov
www.archives.gov
fas.org
www.acf.hhs.gov
berkleycenter.georgetown.edu
heinonline.org
www.nber.org
criminal.findlaw.com
dictionary.findlaw.com
it.ojp.gov
www.law.cornell.edu
www.lexisnexis.com
www.eeoc.gov
www.bbc.com
www.compliance.gov
www.ncsl.org
www.investopedia.com
www.copyright.gov
www.toptaxdefenders.com
www.nrlc.org
aceee.org
www2.ed.gov
www.healthinsurance.org
everychildmatters.org
www.datacoalition.org
www.benefits.va.gov
www.usatoday.com
www.fas.usda.gov
trib.com
www.cnn.com
money.usnews.com
stacker.com
www.weather.gov
www.savethestudent.org
www.pbs.org
www.insurancejournal.com
genetics.thetech.org
www.wqad.com
www.powerball.com
www.wtsp.com
ahainstructornetwork.americanheart.org
www.tulane.edu
www.csmonitor.com
www.smithsonianmag.com
www.marthastewart.com
www.guinnessworldrecords.com
www.cnbc.com
www.nytimes.com
articles.latimes.com
www.golfdigest.com
ourworldindata.org
discovertheodds.com
www.birminghammail.co.uk
www.mercurynews.com
www.miamiherald.com
reports.collegeboard.org
www.iii.org
www.foodsafety.gov
www.thecrimson.com
www.uspsoig.gov
bethematch.org
bloodcell.transplant.hrsa.gov
whalebonemag.com
datayze.com
www.nasa.gov
www.nidcd.nih.gov
injuryfacts.nsc.org
hub.stacker.com
nces.ed.gov
whattobecome.com
www.morningstar.com
www.aaltci.org
www.libraryjournal.com
www.ala.org
www.rd.com
www.cheatsheet.com
www.atlasobscura.com
www.thezebra.com
redcrosschat.org
danger.mongabay.com
www.ncaa.org
www.financialsamurai.com
www.bloomberg.com
www.elsevier.com
www.vox.com
healthresearchfunding.org
www.cbsnews.com
www.businessinsider.com
everytownresearch.org
bgr.com
www.polygon.com
www.cdc.gov
foulballz.com
www.sbnation.com
www.thoughtco.com
www.bustle.com
fortune.com
www.si.com
www.parents.com
crest.com
www.popularmechanics.com
www.huffpost.com
www.zergnet.com
publicfiles.fcc.gov
www.youtube.com
www.townsquaremedia.com
Subject Issuer Validity Valid
www2.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-27 -
2022-09-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www6.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-27 -
2022-09-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www8.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-28 -
2022-09-28		 a year crt.sh
*.air.tv
Amazon		 2021-07-18 -
2022-08-16		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-08-12 -
2021-11-10		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-07-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
cdn-sp-s3.air.tv
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
e.serverbid.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.zergnet.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
cdn.conversant.mgr.consensu.org
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
solutionshindsight.net
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.conversant.mgr.consensu.org
GlobalSign RSA OV SSL CA 2018		 2020-03-31 -
2022-06-06		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-09 -
2022-05-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2021-08-28 -
2021-11-26		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.technoratimedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-16 -
2022-10-05		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.mrpdata.net
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-27 -
2022-04-25		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-14		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-07-26 -
2022-01-19		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
id.sharedid.org
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh

This page contains 54 frames:

Primary Page: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Frame ID: 229D566BA6A8B12EEB301B4EB6D40679
Requests: 179 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fkhak.com
Frame ID: 238239DF70CCDA5A50AC457935FD2495
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c6deda655a27c%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2F981KHAK&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 1210B1587515978D156539BF138ACD15
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: A095B227A64AB294F0ADA9A96F1A8A4B
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 59AB9726E4D7241D395DB33B330D4C1E
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkhak.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: A44027692B277786DFE912D1586E0CA7
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: C3FFE13D2C1AF7B15B2529FC1F36E55D
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: F0B9F752019503270BD1FB02C6F56FE4
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 36783F428A64396564DBD000561A0F01
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7C7EAA945FCF14076E1571739AEF5F3D
Requests: 27 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: 1CC694F5715C72FAB8AA85B92B047DA1
Requests: 8 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: AF3FEC541177558C777F3F8821EF910B
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C3422A7FE7AF65534500DDCFF245E387
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Frame ID: 8920194C2E95987B43BB50E64206907F
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 026775D7FB7845E0700098183E855952
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: BE9481501885D0FFF45AF8402253F136
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: DDC67A516BEC36DAE5A8A2D8545D6070
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: E700F7251FA75227BE198FE2F2E9D800
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 2BDE94D94DED211659FB0F4957A6D619
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CE1380E01710402CDE2F739F03481312
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: F43194E2734F96A489C78A46AAC475BC
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2E1314DF20719384D56B64998BF167FB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 4AA89A16C9541C9A40B55853B5BB03CF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 08C11BDE7022CF647150A5EABB020CD1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 98846CFCA8D8C7645A124272308056CC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BD6F60F3D4F5868FB6CB8014461AD04F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Frame ID: 72C30AE6278ADB37BAC088E129D7E636
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPNTJeEPNTJeEAXADAENBuCgAAAAAH_AAAAAAAAQbAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiwAAA.YAAAAAAAAAAA&d=https://khak.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 39EE8151162DC215B1BB8B85553CE0AD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPNTJeEPNTJeEAXADAENBuCgAAAAAH_AAAAAAAAQbAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiwAAA.YAAAAAAAAAAA&d=https://khak.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 750276E32EA8A785B4795786EA972DB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: A8C76E2FAE5D7D66561C3BC659CDC576
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 0C4716DE7230DE2B9546B11F24EA5B33
Requests: 2 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 04BEC3EA0F5F7D12816433752C35AADF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 5132F7FFB43EF9E6CB09F18F2916E21E
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 56A68D3C418EFF35498073299E485F65
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: FD1D30206A364830B6F425802780DDBE
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: C3A943A1817348EB91C25B67BB7CAD14
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 2436C93D7520CCDE33CEE57BB55B43BA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 179ADCE9A6C1DCAB45BD1B7F80C34035
Requests: 2 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: B4BB51A7339B169026AD3F006B5B9955
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: 63E6D7634E1A1DF1576A306EE8A7ECDF
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: B7735FF29FEDE26D39148341CB9FFE08
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: C66B0D39323AABF109DDD84F6ECD0064
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: E4EC05EAD6782771D9AE4DEC3D9363F4
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: 84745DA2A136E2ED91BAED9AA5943059
Requests: 12 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/?sellerid=101769
Frame ID: 378BE7D0705BF5141AC2B94D338F8DF1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: FF09612A193D7FCEB00E97E87492BC73
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: E184ADD7217E05F2CF4F1AC055663C52
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 94E9C93EFF1E38C9197860A004FDEB78
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Frame ID: C1CA3E59CE07966BBF9A42F26DEB8167
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Frame ID: F54FE9CA9D63DD00C8FE04B836FEC2FE
Requests: 12 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/?sellerid=101769
Frame ID: 9DCF34CF548BFC59796597CECB33AA1D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 504E93A293F90C478282AA4C30C0DBC5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: B6A0266C826397592FF9E4F7CA8330FA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a65b3623805%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 7A690C684373A08207F338A71AB064CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Iowa Woman Who Stole Big Money From Church Headed to Fed. Prison

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • ^https?://(?:[^/]+\.)?yieldlab\.net/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

415
Requests

98 %
HTTPS

25 %
IPv6

100
Domains

157
Subdomains

114
IPs

10
Countries

3837 kB
Transfer

11780 kB
Size

153
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 178
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24
Request Chain 179
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Request Chain 204
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkhak.com%2F&domain=khak.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zxJMP3xkVUQ4ZnFjMXpSdDdwL20yVUx3ZTQ5VzBtSFNEQ0syam9IeHo1YjVicE1TWlh3V1c4MTYvWCtFQXpEVThJME1VMXVGTkg2ejI0aGl5T0NYVXpxTmtlcGFXdXBtQzB3bHpMWDRHWkRGb1lmMUdLcjBkVVAvKzJ6bTdtZSt1Wk9sYlJwcEtpVjBxUXRzREI1dUdzT3Z5UlNJM1JTMTJxNHdvOXNyV21UdXJzZG9Ma0dDclZYWFZCVkxkOVZ0QzBmR2kyclJEQ2RJL1RIYzM2RFh6UTN5Zm9FbkpwaWxFOVUvb1gwYzhiOGRpdzhrPXw&cppv=2
Request Chain 205
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=6bb0720c-20f7-49f5-8fe9-c50f75f382a2
Request Chain 207
  • https://sync.serverbid.com/ss/2000775.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Request Chain 208
  • https://sync.serverbid.com/ss/2000775.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Request Chain 213
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 217
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 224
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=efc9d6c7-c98b-4afb-ac37-0c4a63827086&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=efc9d6c7-c98b-4afb-ac37-0c4a63827086&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=17cf5794-7a0e-4b13-b491-ace7c771cb7f&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENmqFzMfkQVLKQ1NYr3ul-8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENmqFzMfkQVLKQ1NYr3ul-8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5961959193077058021&opid=apx&ops=&utidl=tech:goo:CAESENmqFzMfkQVLKQ1NYr3ul-8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21122580252&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=4c07acbd1bf9d1ad7ca10a8ed41d0f3a&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 225
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=5961959193077058021
Request Chain 231
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
Request Chain 233
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcTcwN0NxT3NBQURncWkxR1ZrZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACq707CqOsAADgqi1GVkg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACq707CqOsAADgqi1GVkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACq707CqOsAADgqi1GVkg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Request Chain 235
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7f006154-758f-4c00-974d-aa5f04d88538
Request Chain 236
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Lu1yry_pf_01uHepebpqqiu-fq017X6iL-QpK08C
Request Chain 237
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5786969068973057725
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMx7T8H34BQwLovR5tbEu-s&google_cver=1
Request Chain 241
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Request Chain 242
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=463cb130-4958-4b79-ad34-ffed1efc1873 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=1e328c9f-5de2-4e8b-99d7-7cd69cd2df84&expires=10&ssp=openx&bsw_param=463cb130-4958-4b79-ad34-ffed1efc1873 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
Request Chain 243
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Request Chain 244
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcmgwN0NxT3NBQUJ2c2RlTzVTZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACq707CqOsAADgqi1GVkg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 245
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e356154-758f-4900-8b4b-04d74bf9f549
Request Chain 246
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wicAhcMjDdfZcgWCxSQYgs0kBdPZLweHkSdt1xMh
Request Chain 247
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8196793949875099847
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARz_g7UPqEloDVZHzuXeaU&google_cver=1
Request Chain 251
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 252
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Request Chain 253
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
Request Chain 254
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Request Chain 255
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
Request Chain 257
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Request Chain 258
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI5NDI2MDItN0VCOC00QTIxLTg0MUEtNUU2NDdBRjJDNzMw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DFD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Request Chain 260
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Request Chain 261
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
Request Chain 262
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Request Chain 263
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
Request Chain 265
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Request Chain 266
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQwRjkyQUUtMzE0My00QTdCLUI2QjMtMEU1RTJFRjFDQzkx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DFD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Request Chain 267
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 270
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
Request Chain 272
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6319926599683135819?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-9V2X_uNE2oRdlgJ_rLSz8cwwBNe063X51LjfIR.Xbg--~A&dongle=0883
Request Chain 275
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6319926599683135819 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Request Chain 276
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 277
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4471594501900226551&dongle=d407
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 280
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
Request Chain 282
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6319926599683135819?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ojK1IuNE2oQJ6vvvx148Ugl6.yf0OzOjkuIRJmmbnA--~A&dongle=0883
Request Chain 285
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6319926599683135819 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Request Chain 286
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 287
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4543652095938154487&dongle=d407
Request Chain 291
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 295
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Request Chain 297
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Request Chain 298
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Request Chain 300
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0804023d-2130-11ec-90d3-062f19f979bc HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Request Chain 301
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Request Chain 304
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Request Chain 305
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Request Chain 307
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0804023d-2130-11ec-90d3-062f19f979bc HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
Request Chain 310
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 316
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 324
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Request Chain 325
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 326
  • https://sync.bfmio.com/syncb?pid=164 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 327
  • https://sync.bfmio.com/syncb?pid=163 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 328
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0854aadc-2130-11ec-8c1d-1d21b9eb0306 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Request Chain 330
  • https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1 HTTP 302
  • https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Request Chain 331
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4737501243 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/993568eb-45a9-4f9c-8aa4-31b5ae3f68a5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-95834b00-5507-423d-85d0-525e2eac571b-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-95834b00-5507-423d-85d0-525e2eac571b-003 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
Request Chain 332
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
Request Chain 333
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Request Chain 334
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Request Chain 335
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=BZQ4vk3EKqFe&pid=83
Request Chain 338
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 339
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 341
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Request Chain 345
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Request Chain 346
  • https://sync.bfmio.com/syncb?pid=164 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 347
  • https://sync.bfmio.com/syncb?pid=163 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Request Chain 348
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0855d711-2130-11ec-8cee-12b1ce320406 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Request Chain 350
  • https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1 HTTP 302
  • https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=13b7ad33-f325-41f6-ad7c-6bb125a750f5-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Request Chain 351
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1915205376 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/993568eb-45a9-4f9c-8aa4-31b5ae3f68a5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-95834b00-5507-423d-85d0-525e2eac571b-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-95834b00-5507-423d-85d0-525e2eac571b-003 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
Request Chain 353
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
Request Chain 354
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Request Chain 355
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Request Chain 356
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%% HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=oxFpF5Hduprb&pid=83
Request Chain 359
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=284AAB351A614177ABCF2F6B46093D1F
Request Chain 360
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 362
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 364
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YVR1kAAFR0sQjgA6 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVR1kAAFR0sQjgA6&_test=YVR1kAAFR0sQjgA6
Request Chain 365
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=v74UkLGk9SvVS6qbVl9UXkD5&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253Dv74UkLGk9SvVS6qbVl9UXkD5 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253Dv74UkLGk9SvVS6qbVl9UXkD5 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253Dv74UkLGk9SvVS6qbVl9UXkD5 HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4c07acbd1bf9d1ad7ca10a8ed41d0f3a&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253Dv74UkLGk9SvVS6qbVl9UXkD5 HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3Dv74UkLGk9SvVS6qbVl9UXkD5 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=v74UkLGk9SvVS6qbVl9UXkD5
Request Chain 366
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4543652095938154487&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 367
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Cdx3hGZfjEOf4baJyDresw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 373
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=2159827874134407060
Request Chain 374
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=1c750af2-9f44-0c68-0902-db38e44de53d
Request Chain 377
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=63f0a785-2954-0e37-08e7-c5421266243f
Request Chain 379
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9&dcc=t
Request Chain 380
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=089a7685-2130-11ec-8e3f-0f1e794564a3
Request Chain 381
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=05030002_6154759079bd7&knw=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=05030002_6154759079bd7
Request Chain 383
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVR1kAAFSLgQyQA6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVR1kAAFSLgQyQA6&_test=YVR1kAAFSLgQyQA6
Request Chain 384
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjNiYTBmM2NhNmNkNGExMWVmNWZkZDkyM2IwOGI0MDY0NWFiOTdlYw
Request Chain 385
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU5LFACW-M-LTP0&sigv=1&esig=2~85af4fa6f027e8cbe149eb7ad2de6ba6373627a2
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_Vc8LBjhx2v9KaRD4f5bY&google_cver=1
Request Chain 387
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iXIxF2F8C0_2PCgD13dayA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=315406040289097347
Request Chain 411
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=58676dc1-ceb8-43c4-9d0b-955623b85ac3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=58676dc1-ceb8-43c4-9d0b-955623b85ac3&apid=UP0804023d-2130-11ec-90d3-062f19f979bc HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP0804023d-2130-11ec-90d3-062f19f979bc&gdpr=0&gdpr_consent=
Request Chain 412
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=sovrn&uid=99fec256b85ec766687ca3bd
Request Chain 413
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=pubmatic&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Request Chain 414
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=index_rtb&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Request Chain 415
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=appnexus&uid=5961959193077058021

415 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/ 		173 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F16) / Express
Resource Hash
df0b617bb501fd9dc0af947773994d48da578860fb12d9bf857e97bb7da4934b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
khak.com
:scheme
https
:path
/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
accept-ranges
bytes
age
256
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Wed, 29 Sep 2021 14:17:46 GMT
etag
W/"2b24d-aqiyGyrGGn+ZmfIe/MDRJA"
expires
Wed, 29 Sep 2021 14:17:45 GMT
gdpr-source
DE
last-modified
Wed, 29 Sep 2021 14:13:30 GMT
server
ECS (dcb/7F16)
set-cookie
gdpr-source=DE
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
B
x-cache
HIT
x-device
desktop
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-ua-device
desktop
x-varnish
1279785784
content-length
36740
base.css
khak.com/styles/desktop/ 		521 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F15) / Express
Resource Hash
98a7738bbf5185f09fedd0fb8dd19725b33377965f07b0839213ab22ccff9cc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:46 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58664
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
115836
last-modified
Tue, 28 Sep 2021 22:00:02 GMT
server
ECS (dcb/7F15)
etag
W/"8223a-yWEp9rN+qt5ATDCZDCxjkA"
x-frame-options
SAMEORIGIN
x-varnish
1270610357
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Wed, 29 Sep 2021 14:17:45 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1da608ebf4c9e1e32844c5cdf955ba53c4c3c027e682d1c3413ccf5db28c2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 14:17:46 GMT
server
ESF
date
Wed, 29 Sep 2021 14:17:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 14:17:46 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5146
date
Wed, 29 Sep 2021 12:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 14:52:00 GMT
autotrack.carbon.js
townsquare.media/public/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/autotrack.carbon.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D2A) / Express
Resource Hash
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
82888
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2031
last-modified
Thu, 03 Oct 2019 21:28:38 GMT
server
ECS (lcy/1D2A)
etag
W/"119a-16d938657f4"
x-frame-options
SAMEORIGIN
x-varnish
233434188 233434158
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
script.js
doi3unldljdx6.cloudfront.net./ 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doi3unldljdx6.cloudfront.net./script.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9000:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e9f285b1fdf4faa48a857a94f87ce35cc737227e9e6bc079a8bff4ca418f9e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:10:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 16:45:06 GMT
server
AmazonS3
age
436
etag
W/"5ebe99ba7f9f035605dcc2e1f1d3ac40"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zuHz5wLiUQZg4syIYShtv4zszlDH_rMmk9wI5pW-bfrNVBib9KyEIA==
sfp.js
native.sharethrough.com/assets/ 		259 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-90.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe832f73065fb1f34ca8858cb50dac41ee761966bb3cce02767fb5e8082f336e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:20:24 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 20:20:15 GMT
server
AmazonS3
age
3444
etag
W/"7bdf14933708a80c448c7feb8e3a8761"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
japSezYqQPjbtwVSbccWTYyCuUCD3YBYDQCc2YLYinQ4uI9Ur7Z8ag==
expires
Tue, 28 Sep 2021 21:20:14 GMT
gpt.js
www.googletagservices.com/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7ba8520fee36ba898dfd9a2fcc351d8f8b5d411aed86f7c1a76325a03bcd56c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 584 of 1000 / last-modified: 1632913824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25708
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 14:17:47 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 13:35:32 GMT
Server
Apache
ETag
"903562-930b-5cd22677c1310"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1187
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12790
Expires
Wed, 29 Sep 2021 14:37:34 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 		312 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) / Express
Resource Hash
3375ed547e5390a692e64c2e738f6c1d96b2f955ec44c201bb6bbd3db9e50284
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:46 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58637
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
95457
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 22:57:19 GMT
server
ECS (frb/67BC)
etag
W/"4e03b-5/IcyAsLPGQgcSdMdirRtA"
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-varnish
238044576, 1271270801 1270616286
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Wed, 29 Sep 2021 14:17:45 GMT
twoview_bootstrap.js
embed.air.tv/v1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.air.tv/v1/twoview_bootstrap.js?organization=AQIWQ5-rSHOajREf3hV1Fg
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.40.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-40-92.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
c17c8581fd964382c123a9124d6b41b14c9c2ba97c8ad3cb6945d379524c51ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Accept-Encoding
access-control-allow-methods
GET, PATCH, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-expose-headers
Authorization,Location
cache-control
max-age=0, private, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+1zgHQkLxZeAkZrjWJnGLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-+1zgHQkLxZeAkZrjWJnGLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Wed, 29 Sep 2021 14:17:47 GMT
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:19:14 GMT
x-fb-trip-id
1679558926
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-encoding
br
content-length
4824

Redirect headers

date
Wed, 29 Sep 2021 14:17:47 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
cln
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
khakfm-logo3.png
townsquare.media/site/675/files/2017/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2017/11/khakfm-logo3.png
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D41) / Express
Resource Hash
48515b24887aaf3333a7c2622c894b543b120e170592668eaf8900cef7af79a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26167033
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
10690
last-modified
Fri, 27 Sep 2019 22:37:05 GMT
server
ECS (lcy/1D41)
x-varnish
2643558121 2643053264
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/png
expires
Wed, 29 Sep 2021 14:17:46 GMT
/
townsquare.media/wp-content/uploads/2019/05/KHAKFM.png/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/wp-content/uploads/2019/05/KHAKFM.png/?w=100
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3E) / Express
Resource Hash
71db61cfc23db0cdfbe79033690085414ea0a13dc07daf9d21079eef38f1db6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26165688
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
3367
last-modified
Wed, 14 Aug 2019 18:16:24 GMT
server
ECS (lcy/1D3E)
x-varnish
2644633732 2643343987
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/png
expires
Wed, 29 Sep 2021 14:17:46 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://khak.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Wed, 29 Sep 2021 14:17:47 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
cogitoergosum
khak.com/rest/high/api/ 		128 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/high/api/cogitoergosum
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
09ef7a0019eb719db622d9c66e9a57bf1dad7485f52a0fd767ce65920fa7041c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://khak.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
abgroup=B
content-length
359
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
etag
W/"80-C+Bpdl0zRAEUtpVCnUM8TA"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
set-cookie
cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; Max-Age=1800; Path=/; Expires=Wed, 29 Sep 2021 14:47:47 GMT connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; Path=/; Expires=Fri, 29 Oct 2021 14:17:47 GMT; HttpOnly gdpr-source=DE
vary
Accept-Encoding
content-length
128
expires
Wed, 29 Sep 2021 14:17:46 GMT
cmp.bundle.js
townsquare.media/public/resources/js/ 		185 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/cmp.bundle.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3D) / Express
Resource Hash
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
32840
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
46582
last-modified
Mon, 26 Oct 2020 18:28:47 GMT
server
ECS (lcy/1D3D)
etag
W/"2e534-175662b7d01"
x-frame-options
SAMEORIGIN
x-varnish
1279053850 1275158524
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"2988-5b94848b276f9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
3813
expires
Wed, 29 Sep 2021 14:32:47 GMT
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
819
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1BAN3GJAM6VKBYWNKK5A
date
Wed, 29 Sep 2021 14:04:36 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b835jdH4QxcjLIMZaxP6I6bU8UO_VdPrVwrHQHe0FeKG1Maoyz8byA==
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 20:34:57 GMT
etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=1800
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
28872
tw-cdn
FT
x-served-by
cache-bwi5137-BWI, cache-hhn11575-HHN
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90f5d5119025abe31c7085ff4e58f40f63bb1e8953f4655f83a225b5698ded1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Ym4PG9blbsdyE2BGYfWVdw==
cross-origin-resource-policy
cross-origin
expires
Wed, 29 Sep 2021 14:26:54 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
UW/Dqgc4ZN5EhM0chr8SE/hifHK2txclDBBe2ajgEkbigsSP5vl9FY/rX+LMQRAoea96wSWLwSDWfiQVpxOThg==
x-fb-trip-id
917726464
x-fb-content-md5
fadf40c1611c16255c1d56d888e963d8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 14:17:47 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ec5c69373a19cb05d9d67208ac2de54a"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
JsKNYjJ+UdrvUxo9CkVama6YU0Ee+vtwrpDQFBXJJi3vqaUtW7SLOzvqp+b+vAoO9rkzvt9F7otPa1tvxu9TxA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 14:17:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.jpg
townsquare.media/site/675/files/2017/01/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2017/01/bg.jpg
Requested by
Host: khak.com
URL: https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D50) / Express
Resource Hash
1da3e41227522fdef41fbe9cfbca17a3e7b62261f872ff9144ed544f7f4b76c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26164645
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
190425
last-modified
Wed, 18 Sep 2019 02:11:16 GMT
server
ECS (lcy/1D50)
x-varnish
2896059479
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:46 GMT
instagram-icon.png
khak.com/public/assets/img/nav/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://khak.com/public/assets/img/nav/instagram-icon.png
Requested by
Host: khak.com
URL: https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F16) / Express
Resource Hash
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e

Request headers

:path
/public/assets/img/nav/instagram-icon.png
pragma
no-cache
cookie
abgroup=B
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
khak.com
referer
https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26165687
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
9483
last-modified
Thu, 03 Oct 2019 20:12:18 GMT
server
ECS (dcb/7F16)
etag
W/"250b-16d93407643"
x-varnish
2895841482
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
image/png
expires
Wed, 29 Sep 2021 14:17:46 GMT
attachment-Federal-Prison.jpg
townsquare.media/site/675/files/2021/09/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2021/09/attachment-Federal-Prison.jpg?w=980&q=75
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D5A) / Express
Resource Hash
d3e849b50146071e4927939805059df299b058dea347bdc586003127c9ee314b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
58441
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
101220
last-modified
Tue, 28 Sep 2021 17:37:42 GMT
server
ECS (lcy/1D5A)
x-frame-options
SAMEORIGIN
x-varnish
1270657607
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:46 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
596411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:37:36 GMT
khakfm-promo3.jpg
townsquare.media/site/675/files/2017/11/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2017/11/khakfm-promo3.jpg
Requested by
Host: khak.com
URL: https://khak.com/styles/desktop/base.css?ver=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D46) / Express
Resource Hash
51fe4d2a530e53aa4d4c69e7e904bd3b26ecdb8daa8e238465e09a45d2aac6b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26167238
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
5994
last-modified
Mon, 16 Sep 2019 15:12:17 GMT
server
ECS (lcy/1D46)
x-varnish
2896060260 2895498461
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:46 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 03:54:04 GMT
x-content-type-options
nosniff
age
123823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 03:54:04 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:06:08 GMT
x-content-type-options
nosniff
age
123099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:06:08 GMT
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:00:18 GMT
x-content-type-options
nosniff
age
260249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 26 Sep 2022 14:00:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
596767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
161410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
main.bundle.4e5345d11b1c70173cbe520398edcea67e483b2f.js
townsquare.media/public/dist/desktop/ 		1 MB
322 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.4e5345d11b1c70173cbe520398edcea67e483b2f.js?mver=25&gver=3
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D69) / Express
Resource Hash
fc76aaff8b2d583a755dda65d7748e73c615eb74eab17f92283c595758031f13
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58707
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
329012
last-modified
Mon, 27 Sep 2021 21:56:28 GMT
server
ECS (lcy/1D69)
etag
W/"1162a1-17c29426219"
x-frame-options
SAMEORIGIN
x-varnish
238030590 238029253
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-45675804-3&cid=270426361.1632925067&jid=2061925744&gjid=2076666559&_gid=270461768.1632925067&_u=aGBAgAADAAAAAE~&z=1691675083
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 14:17:47 GMT
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-19109753-1&cid=270426361.1632925067&jid=144996600&gjid=1146043577&_gid=270461768.1632925067&_u=aGDAgAADAAAAAE~&z=23392155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 14:17:47 GMT
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-45675804-1&cid=270426361.1632925067&jid=1632957029&gjid=1693839534&_gid=270461768.1632925067&_u=aGDAgAADAAAAAE~&z=1297494417
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 14:17:47 GMT
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-28825804-2&cid=270426361.1632925067&jid=1810856720&gjid=731928797&_gid=270461768.1632925067&_u=aGDAgAADAAAAAE~&z=771214043
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 14:17:47 GMT
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-45260060-2&cid=270426361.1632925067&jid=205553137&gjid=691908857&_gid=270461768.1632925067&_u=aGDAgAADAAAAAE~&z=611830786
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Sep 2021 14:17:47 GMT
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=pageview&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAD~&jid=2061925744&gjid=2076666559&cid=270426361.1632925067&tid=UA-45675804-3&_gid=270461768.1632925067&_av=2.4.1&_au=20&cd1=bjames&cd2=local-news&cd3=embezzlement%2Cnl&cd4=post&cd5=Tue%20Sept%2028%202021&cd6=12%3A36&cd7=standard&cd8=498&cd9=B&cd10=yes&cd12=&cd13=&cd14=&did=i5iSjo&z=648987770
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=pageview&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=144996600&gjid=1146043577&cid=270426361.1632925067&tid=UA-19109753-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&cd1=bjames&cd2=local-news&cd3=embezzlement%2Cnl&cd4=post&cd5=Tue%20Sept%2028%202021&cd6=12%3A36&cd7=standard&cd8=498&cd9=B&cd10=yes&cd12=&cd13=&cd14=&did=i5iSjo&z=1730311761
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=pageview&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=1632957029&gjid=1693839534&cid=270426361.1632925067&tid=UA-45675804-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&cd1=bjames&cd2=local-news&cd3=embezzlement%2Cnl&cd4=post&cd5=Tue%20Sept%2028%202021&cd6=12%3A36&cd7=standard&cd8=498&cd9=B&cd10=yes&cd12=&cd13=&cd14=&did=i5iSjo&z=817064981
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=pageview&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=1810856720&gjid=731928797&cid=270426361.1632925067&tid=UA-28825804-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&cd1=bjames&cd2=local-news&cd3=embezzlement%2Cnl&cd4=post&cd5=Tue%20Sept%2028%202021&cd6=12%3A36&cd7=standard&cd8=498&cd9=B&cd10=yes&cd12=&cd13=&cd14=&did=i5iSjo&z=534415688
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=pageview&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADAAAAAE~&jid=205553137&gjid=691908857&cid=270426361.1632925067&tid=UA-45260060-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&cd1=bjames&cd2=local-news&cd3=embezzlement%2Cnl&cd4=post&cd5=Tue%20Sept%2028%202021&cd6=12%3A36&cd7=standard&cd8=498&cd9=B&cd10=yes&cd12=&cd13=&cd14=&did=i5iSjo&z=844270521
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"a253-5b94848b276f1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
14886
expires
Wed, 29 Sep 2021 14:32:47 GMT
rid
match.adsrvr.org/track/ 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
5624a39478bf09a67d8558a64b09049cbb7e77804805902b0f1e3097380cd2dc

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 29 Oct 2021 14:17:47 GMT
identity
api.rlcdn.com/api/ 		44 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://khak.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
pubads_impl_2021092705.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092705.js?31062968
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
211da0b49cab8e83ebf2180802fbd4cf1baa054dc45f0393cd071a3cb17453c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120408
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:05:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 14:17:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		162 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=khak.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ff47a51b08edf0ca7ac7f9a68159719789ca6d97d6b2e93576f42d8a4ffaee32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Wed, 29 Sep 2021 14:17:47 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 2382 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fkhak.com
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fkhak.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

last-modified
Mon, 02 Aug 2021 20:33:53 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding
gzip
access-control-allow-methods
GET
access-control-allow-origin
*
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
date
Wed, 29 Sep 2021 14:17:47 GMT
x-served-by
cache-bwi5127-BWI, cache-hhn11575-HHN
x-cache
HIT, HIT
vary
Accept-Encoding
tw-cdn
FT
content-length
105433
sdk.js
connect.facebook.net/en_US/ 		264 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2c8defc6c195e3384c37938dcf270bdc
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
951d1d67fc27d626fd086cf4be4ad87399543d7cf621ce17568bd98bf7cbb81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://khak.com/
Origin
https://khak.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/QUEADXmY24wz6RJqJigcQ==
cross-origin-resource-policy
cross-origin
expires
Thu, 29 Sep 2022 13:33:19 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76285
x-fb-rlafr
0
x-fb-debug
yFD9YkEleV6Eor60J8ukBryCBXXrGCB8nc3bJzWqs2/tS4X/SjkPmplUnIU9W1ONcZl+zI54uqwCnK911XDBBA==
x-fb-trip-id
917726464
x-fb-content-md5
25a7a672c555d3c6249ffeb57de5c819
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 14:17:47 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"368898b8b94aed6b006239f52a63e1aa"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
631470830669776
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/631470830669776?v=2.9.47&r=stable
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2716b0f07a214cb2cc3f2d997227bf36e41c8603f4e51175da46d75be53e3e5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147169
x-xss-protection
0
pragma
public
x-fb-debug
rRLOzakbm49m1Yh78loAKthk5x8wwuwgoRAVzmhS0fCyEfLC10HhQ+MF0f8s9uN1MhFNsQcPyinr+SXlOU3hVA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 14:17:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
https://khak.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YJ1qihoo0_0t0MpUXkQB4XW6MczY3-_2YwaKjFfJYF3W_LUmP3MZGA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:03:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
65680
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
_6O2tYUIVSMXKkjUet8z4tImSkBCSk5dTIezZYj8B0Ca7QQFCuLylg==
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-19109753-1&cid=270426361.1632925067&jid=144996600&_u=aGDAgAADAAAAAE~&z=1390903855
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-19109753-1&cid=270426361.1632925067&jid=144996600&_u=aGDAgAADAAAAAE~&z=1390903855
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cogitoergosum
khak.com/rest/high/api/ 		128 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
09ef7a0019eb719db622d9c66e9a57bf1dad7485f52a0fd767ce65920fa7041c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://khak.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
content-length
383
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
etag
W/"80-C+Bpdl0zRAEUtpVCnUM8TA"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
set-cookie
cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; Max-Age=1800; Path=/; Expires=Wed, 29 Sep 2021 14:47:47 GMT
vary
Accept-Encoding
content-length
128
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-28.fd0dfc83ecc1ec9709ce.1632774487207.js
khak.com/public/dist/desktop/ 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EA6) / Express
Resource Hash
e914e3e0c4c55acfcefa2979a861d8e46871b7318cf8cc5d11b6acf1283def35
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
591
last-modified
Mon, 27 Sep 2021 21:56:45 GMT
server
ECS (dcb/7EA6)
etag
W/"46a-17c2942a4db"
x-frame-options
SAMEORIGIN
x-varnish
1270621155
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-15.08c265f08f6506fea3b1.1632774487207.js
khak.com/public/dist/desktop/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7FA3) / Express
Resource Hash
9b813fd9d5969bb7b5e36b7335cb6903edbe418244659edf1d5bf77841aa6e04
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
11691
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7FA3)
etag
W/"9a88-17c2942ab67"
x-frame-options
SAMEORIGIN
x-varnish
238049085
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-4.f079555344eee6385632.1632774487207.js
khak.com/public/dist/desktop/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-4.f079555344eee6385632.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F5C) / Express
Resource Hash
d2cc3aeb999342fc5460ffb13b57024197be03725b4ff48846fb27626bda58b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-4.f079555344eee6385632.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7752
last-modified
Mon, 27 Sep 2021 21:56:55 GMT
server
ECS (dcb/7F5C)
etag
W/"669c-17c2942cb2a"
x-frame-options
SAMEORIGIN
x-varnish
238049088
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-31.740605bef5c7c934ce60.1632774487207.js
khak.com/public/dist/desktop/ 		920 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-31.740605bef5c7c934ce60.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EA5) / Express
Resource Hash
6048f85601991dc20490dedb38396246226e4ee55865776d45d878bc20a5b149
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-31.740605bef5c7c934ce60.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
920
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7EA5)
etag
W/"398-17c2942aa8c"
x-frame-options
SAMEORIGIN
x-varnish
1270621156
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
wo
khak.com/rest/carbon/api/nowplaying/playertype/ 		23 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/carbon/api/nowplaying/playertype/wo
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7FA8) / Express
Resource Hash
68dbf81d8d2f6935cd076477f323bd71864c394b3e624f8023b7a11a6b320b83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/rest/carbon/api/nowplaying/playertype/wo
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
age
193
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
3260
last-modified
Wed, 29 Sep 2021 14:14:34 GMT
server
ECS (dcb/7FA8)
x-frame-options
SAMEORIGIN
etag
W/"5a4f-dtI0VAwG7ob3Q6IPADSj0Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-32.1b3db3d79ba80c2dafed.1632774487207.js
khak.com/public/dist/desktop/ 		1 KB
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-32.1b3db3d79ba80c2dafed.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7FA8) / Express
Resource Hash
5d9c07428d087ef02f70906af6210d2ef018ff21bee1eafe8c99c167e03e895e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-32.1b3db3d79ba80c2dafed.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
634
last-modified
Mon, 27 Sep 2021 21:56:45 GMT
server
ECS (dcb/7FA8)
etag
W/"5a3-17c2942a4db"
x-frame-options
SAMEORIGIN
x-varnish
1270621157
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
cogitoergosum
khak.com/rest/high/api/ 		22 B
85 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://khak.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
content-length
116
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
etag
W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
vary
Accept-Encoding
content-length
22
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-19.21595f37cf7f6a9f16ec.1632774487207.js
khak.com/public/dist/desktop/ 		1 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-19.21595f37cf7f6a9f16ec.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F60) / Express
Resource Hash
e4110fa2efb406d2b15dfe0e0e8e753aeda305262057391b903fb9d7c014baf1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-19.21595f37cf7f6a9f16ec.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58141
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
688
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7F60)
etag
W/"4d1-17c2942aa68"
x-frame-options
SAMEORIGIN
x-varnish
1270717546
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-12.26a5d66d8e8af980d272.1632774487207.js
khak.com/public/dist/desktop/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-12.26a5d66d8e8af980d272.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EA5) / Express
Resource Hash
beb92436ec50ec52d7af8938bf317470377c3a9e5d9e60d3819a50a950ab3d66
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-12.26a5d66d8e8af980d272.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
6654
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7EA5)
etag
W/"5379-17c2942a940"
x-frame-options
SAMEORIGIN
x-varnish
1270621158
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
/
khak.com/rest/carbon/filter/main/popular-iowa-license-plate-facing-production-delays/ 		76 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/carbon/filter/main/popular-iowa-license-plate-facing-production-delays/
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F7F) / Express
Resource Hash
57ff9206d64e9a3961b7cafac991dbc54f475906fc1714d6f9986f1c060e5bd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/rest/carbon/filter/main/popular-iowa-license-plate-facing-production-delays/
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
age
274
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
14848
last-modified
Wed, 29 Sep 2021 14:13:13 GMT
server
ECS (dcb/7F7F)
x-frame-options
SAMEORIGIN
etag
W/"12e06-kNsxqI+/fmxys+eD4ql1hA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
expires
Wed, 29 Sep 2021 14:17:46 GMT
/
khak.com/rest/carbon/filter/main/george-kittle-said-that-he-attended-tight-end-university/ 		83 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/carbon/filter/main/george-kittle-said-that-he-attended-tight-end-university/
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
b34cf12419968bdfafc1f80a20a261661afda90508d3fcaddd68d987cf9898b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/rest/carbon/filter/main/george-kittle-said-that-he-attended-tight-end-university/
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
etag
W/"14d5f-7eWnmfB3kTJPCAd58YZM5w"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
vary
Accept-Encoding
x-device
desktop
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-29.04126f6327b4760a403a.1632774487207.js
khak.com/public/dist/desktop/ 		2 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-29.04126f6327b4760a403a.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7FA6) / Express
Resource Hash
d8f10d0419469c68b491df9c323907d4eeab8fd9ffc2f7ad7774c83ae13f64de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-29.04126f6327b4760a403a.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
845
last-modified
Mon, 27 Sep 2021 21:56:55 GMT
server
ECS (dcb/7FA6)
etag
W/"6ab-17c2942cb1a"
x-frame-options
SAMEORIGIN
x-varnish
1270621160
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-1.934d06c0b88de1017a9f.1632774487207.js
khak.com/public/dist/desktop/ 		984 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7FA6) / Express
Resource Hash
c945fd097c7ed6b99cee9e1178ebdd76da95890c48e9173e6797e72e4eb2ccf8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
984
last-modified
Mon, 27 Sep 2021 21:56:45 GMT
server
ECS (dcb/7FA6)
etag
W/"3d8-17c2942a363"
x-frame-options
SAMEORIGIN
x-varnish
1270621162
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
chunk-2.039cb2d1580138db5062.1632774487207.js
khak.com/public/dist/desktop/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-2.039cb2d1580138db5062.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F13) / Express
Resource Hash
abf09d827ae79e23d056ddd8f76fbeef7c9d793e2531d1596fe3b08da141ee24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-2.039cb2d1580138db5062.1632774487207.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1503
last-modified
Mon, 27 Sep 2021 21:56:55 GMT
server
ECS (dcb/7F13)
etag
W/"e0f-17c2942cab6"
x-frame-options
SAMEORIGIN
x-varnish
1270621163
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f46c2b77f2d088d2acf6aca54a9e726b75bae179a3454b577ae5ca45d1fa2f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49981
x-xss-protection
0
server
cafe
etag
14750501763638591015
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 14:17:47 GMT
/
khak.com/internal-ad-api/ 		581 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/internal-ad-api/?kw[]=bjames&kw[]=iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison&kw[]=local-news&kw[]=embezzlement&kw[]=nl&kw[]=pagetype-post&kw[]=device-desktop
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
b4822ba57955b342e173ebd20137dae710d8c35dd991aa9fc89270552156e995
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/internal-ad-api/?kw[]=bjames&kw[]=iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison&kw[]=local-news&kw[]=embezzlement&kw[]=nl&kw[]=pagetype-post&kw[]=device-desktop
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
age
0
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
340
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-varnish
1279838855
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/json; charset=utf-8
expires
Wed, 29 Sep 2021 14:17:47 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=2&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=shortcode&_u=6GDAgAADAAAAAE~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45675804-3&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1855655877
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=2&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=shortcode&_u=6GDAgAADAAAAAE~&jid=&gjid=&cid=270426361.1632925067&tid=UA-19109753-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1767251983
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=2&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=shortcode&_u=6GDAgAADAAAAAE~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45675804-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1145730485
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=2&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=shortcode&_u=6GDAgAADAAAAAE~&jid=&gjid=&cid=270426361.1632925067&tid=UA-28825804-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=187782018
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=2&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=shortcode&_u=6GDAgAADAAAAAE~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45260060-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=2139414810
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
twoview-1.0.js
cdn-sp-s3.air.tv/airtv.js/v/2021-09-16_18-11-31/ 		427 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sp-s3.air.tv/airtv.js/v/2021-09-16_18-11-31/twoview-1.0.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09ce18fe0a3839def8c8a602aad20d1854c56613f77790bb6a4762336857fcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 01:12:10 GMT
server
AmazonS3
x-amz-request-id
SCN41M072E3C0E7E
etag
"2977856b72241a8c13187bbedaaddab7"
x-hw
1632925067.cds161.fr8.hn,1632925067.cds236.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-length
102972
x-amz-id-2
UykGTnEpxNROgLM6fxk/Ou5ToL8rZiOZVLaHAk9huCd+WWHyw2EHcCO5qf+T33LD8igNW0oED50=
Bob-Profile-2020.jpg
townsquare.media/site/675/files/2020/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2020/08/Bob-Profile-2020.jpg?w=300&q=75
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D64) / Express
Resource Hash
aad41bc53de99fb3d652b661cb325e840efb5e13155b7e82a2080409143225ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
26167300
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
9629
last-modified
Wed, 26 Aug 2020 19:14:23 GMT
server
ECS (lcy/1D64)
x-varnish
2645681331 2642980202
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:46 GMT
attachment-LAUNDRY.jpg
townsquare.media/site/726/files/2021/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/726/files/2021/09/attachment-LAUNDRY.jpg?w=300&q=75
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D4C) / Express
Resource Hash
bb0d2c5364626330ebd9fd27bf00305e85eb6f6be08828cc6c62aab0d3a45bd0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 varnish
age
2251256
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
9500
last-modified
Fri, 03 Sep 2021 12:54:18 GMT
server
ECS (lcy/1D4C)
x-frame-options
SAMEORIGIN
x-varnish
2439712899 2438397308
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:46 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&rl=&if=false&ts=1632925067868&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632925067866.1956037673&it=1632925067492&coo=false&rqm=GET
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Sep 2021 14:17:47 GMT
headerstats
as-sec.casalemedia.com/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:47 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://khak.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Wed, 29 Sep 2021 14:17:47 GMT
bid-request
a.teads.tv/hb/ 		16 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://khak.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 29 Sep 2021 14:17:48 GMT
arj
townsquaremedia-d.openx.net/w/1.0/ 		174 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3811dc88-e7c2-49f2-86e7-e5933e1b3b42&nocache=1632925067931&aus=1x1%2C300x250%2C336x280&divids=tsm-ad-in-article-pixel-1&aucs=&auid=539829446&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
b19172c164f1eb30e0d576e36850e33e132fa87fcc4094d7c868ed80d831bf05

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://khak.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		330 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
20a7ff1c604a10b2ae48d6043797618159ea0e28498ca2fd6cdb38ff3e760b02

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836596&size_id=15&alt_size_ids=16%2C221&rf=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&kw=in-article-pixel&tk_flint=pbjs_lite_v4.41.0&x_source.tid=3811dc88-e7c2-49f2-86e7-e5933e1b3b42&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16310234157238424
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3a5c33327e4165fbbf3af15d0fdd965ba0b0bf69f7b99afbcfe815ea5857fb48

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1648
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
44ffbabd0626f423cf153120997c5cc18949134192d3cd7a0855a1114d77c734
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ebe7a6c3-3b26-4352-ad73-f1f1303a8541
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9150&pi=3&bf=1x1%2C300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba772a2e84f48f24229b50144e5a4f8b86b96842b108df11fe9acd2bf9c9c695

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://khak.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v2
e.serverbid.com/api/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:48 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
hb
hb.undertone.com/ 		0
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=khak.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://khak.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
iT1O8JE8JDs7jsJfTMYPZ_V-I5yz9nZI8nVs80bgACHd_dXfwUM0cQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222282f2c930ce544%22%3A%22e6fe6470a476c52cbabe%7C%7Cgpid%3D%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Fsharethrough%22%7D&ref=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&s=f3cd9c22-7cd3-40c5-93d5-b43fc755aadd&pv=63195ef2-cbf6-4f32-a481-03e0038aef17&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
35ee2af70732b677a5a7aa374f5b65945dc08a8c52d6eca90ca7a9318b1af838
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b9f8326c-ff1d-4027-ac01-24469f59d214%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1632925067943%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%222449db11b78a83%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%222449db11b78a83%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22video%22%3A%7B%22context%22%3A%22outstream%22%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22maxbitrate%22%3A30000%2C%22minbitrate%22%3A200%2C%22api%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22skip%22%3A0%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22placement%22%3A3%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-in-article-pixel-1%22%2C%22transactionId%22%3A%223811dc88-e7c2-49f2-86e7-e5933e1b3b42%22%2C%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22bidId%22%3A%222449db11b78a83%22%2C%22bidderRequestId%22%3A%222310ecd00bf4fb5%22%2C%22auctionId%22%3A%2276c69c96-9488-41be-8345-02acd32f2148%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.89.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-89-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/ 		19 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.38.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-38-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22277fa1256680bda%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22993568eb-45a9-4f9c-8aa4-31b5ae3f68a5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-09-29T14%3A17%3A47%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228cd1a451174f42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228cd1a451174f42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228cd1a451174f42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ab0fd8aa0abaef0b7bcbb66ae93151f0d63a5da59faee11f779c850b0bcbb98

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://khak.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 29 Sep 2021 14:17:48 GMT
bid-request
a.teads.tv/hb/ 		16 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://khak.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 29 Sep 2021 14:17:48 GMT
cygnus
htlb.casalemedia.com/ 		25 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=272476&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223481e0a6edf4c6f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22993568eb-45a9-4f9c-8aa4-31b5ae3f68a5%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-09-29T14%3A17%3A47%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223584dfdf4b06b7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22363652be66db8af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2237fb25e89351a1e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223584dfdf4b06b7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0edbe7c0d896e731fe78d07b89e05afcf888259585c613585c333f2a5d86feb1

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://khak.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 29 Sep 2021 14:17:48 GMT
bid
krk.kargo.com/api/v2/ 		2 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b9f8326c-ff1d-4027-ac01-24469f59d214%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1632925067959%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2239ab57ebe546d6f%22%3A%22_aDJRj7ybNG%22%2C%2240c54e7d9991ac9%22%3A%22_wPlmCMrvTH%22%2C%2241a5780396c345a%22%3A%22_wPlmCMrvTH%22%2C%2242ac77359882f74%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%2239ab57ebe546d6f%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%2240c54e7d9991ac9%22%3A%5B%5B728%2C90%5D%5D%2C%2241a5780396c345a%22%3A%5B%5B728%2C90%5D%5D%2C%2242ac77359882f74%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300a%22%2C%22transactionId%22%3A%22b7fa5c21-94b2-4293-8292-14212f1f43c1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2239ab57ebe546d6f%22%2C%22bidderRequestId%22%3A%2238a2d144df4ce95%22%2C%22auctionId%22%3A%226ac4c051-fe73-455c-af77-4b6938e81662%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%2262cbeabd-2c11-4402-a1f5-a2c2271018c3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2240c54e7d9991ac9%22%2C%22bidderRequestId%22%3A%2238a2d144df4ce95%22%2C%22auctionId%22%3A%226ac4c051-fe73-455c-af77-4b6938e81662%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%223c975016-82b3-419f-b1ee-9cc26c861648%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2241a5780396c345a%22%2C%22bidderRequestId%22%3A%2238a2d144df4ce95%22%2C%22auctionId%22%3A%226ac4c051-fe73-455c-af77-4b6938e81662%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%226e6e4af4-04a5-43a2-81e6-19eefd26d56f%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2242ac77359882f74%22%2C%22bidderRequestId%22%3A%2238a2d144df4ce95%22%2C%22auctionId%22%3A%226ac4c051-fe73-455c-af77-4b6938e81662%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.89.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-89-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
arj
townsquaremedia-d.openx.net/w/1.0/ 		173 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7fa5c21-94b2-4293-8292-14212f1f43c1%2C62cbeabd-2c11-4402-a1f5-a2c2271018c3%2C3c975016-82b3-419f-b1ee-9cc26c861648%2C6e6e4af4-04a5-43a2-81e6-19eefd26d56f&nocache=1632925067960&aus=300x250%2C300x600%7C728x90%7C728x90%7C970x250&divids=tsm-ad-300a%2Ctsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%2C%2C%2C&auid=539829446%2C539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250%2C250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
3132d6c477f47d70f4f730617efb8ede8f8d87d1ba58589d164fd72f2fb23b9b

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://khak.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
hb.undertone.com/ 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=khak.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://khak.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
wx5Lj0BEDTXD3unURnO5abGtPWXyOR-A6Jfbk-z6fGwJTGQeH2JasA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		495 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6334d8953c9b5a1ca9a5a2fe7ab7aba9369556d2cdf134514f22f307820dab8b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
638a54c4-db5d-40f7-942f-0de21e56f4a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		330 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
df64ba4e5bd01732f18db603a5062f2f2a63342ed8f89e632f902767a7ff1a07

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:47 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836596&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&kw=tsm-ad-300a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=b7fa5c21-94b2-4293-8292-14212f1f43c1&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9324824190364791
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8f49f077e772da0ccd0b88707b57e13e9c8c4bfad49241fe83a2e8f6a7dd5991

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1657
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836596&size_id=2&p_pos=atf&rf=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&kw=tsm-ad-728a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=62cbeabd-2c11-4402-a1f5-a2c2271018c3&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05406528579066916
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a697f946a062e1b8540f0062f5a36be5fd7d3681828a9d1652a593c7d57ead91

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1639
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836596&size_id=2&rf=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&kw=tsm-ad-728b&tk_flint=pbjs_lite_v4.41.0&x_source.tid=3c975016-82b3-419f-b1ee-9cc26c861648&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.518713164918164
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1466d5fe7d52afd201d4a50b7e63b679ce01cb4d07f4e6dd590ddf8921a3b46f

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1642
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836596&size_id=57&p_pos=atf&rf=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&kw=tsm-ad-970a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=6e6e4af4-04a5-43a2-81e6-19eefd26d56f&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.883619000745542
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5fdd74a6bf35c6a9f73b4633f8d724be52507d10a966c0391b9972c3aedee663

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9149&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5caa85f20199772d1b857c989ac751e590b9c3390fd6b136bdaf5e4941b0b2cf

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://khak.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ac91d4eb7e26b173e613220bd445c4f7dbebc5cb83464093620137fd19a5aaa

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://khak.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be41c772b9a33a5efef7c9e08cda5be2e322743509b8b84882eb7beae3a27424

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://khak.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
trinity.json
apex.go.sonobi.com/ 		158 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2273a9b42c62267d6%22%3A%2252385cf1a79895898f27%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Fpost%22%2C%22744eb0057d75ce4%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Fpost%22%2C%2275d90d4b95f0f2b%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Fpost%22%2C%22769bddf218c1ee3%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Fpost%22%7D&ref=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&s=21c6b283-e578-4f0a-a88e-895bb46e67e2&pv=63195ef2-cbf6-4f32-a481-03e0038aef17&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a791bcf385fbe57ffe4b63d652241bbaf72c2a4662e247ba129921d3c136202f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:48 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
183
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.38.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-38-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6aa89ea72065baa185e6f80cd45013bf3eb8dd0dd79f0f374ff1ade02bf91c22
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3450
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=khak.com&v=4e5345d11b1c70173cbe520398edcea67e483b2f&mver=25&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:47 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		415 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=336
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://khak.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
415
expires
Wed, 29 Sep 2021 14:47:48 GMT
cogitoergosum
khak.com/rest/high/api/ 		22 B
85 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://khak.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1
content-length
107
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
etag
W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
vary
Accept-Encoding
content-length
22
expires
Wed, 29 Sep 2021 14:17:47 GMT
collect
www.google-analytics.com/j/ 		2 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1590736317&t=event&_s=1&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=621960977&gjid=1291030112&cid=270426361.1632925067&tid=UA-115003007-7&_gid=270461768.1632925067&_r=1&_slc=1&did=i5iSjo&z=1961524719
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&pid=ZRNK5FWuK48pN&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Ftsm-ad-in-article-pixel-1%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
ZZ80G0W5PP74V7XQ9QNF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://khak.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Fibonodu4vReHCBCPs9AyDgIoiXZxe-H2lV65V1YMnQGBt7Dcz4jUQ==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&pid=ZRNK5FWuK48pN&cb=1&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Ftsm-ad-300a%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Ftsm-ad-970a%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Ftsm-ad-728a%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%7D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FCedar_rapids%2FKHAK%2Ftsm-ad-728b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
GCK1BMT66V4J27D24ERE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://khak.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
073jE_zqpVr35CVadj8LspPgOv0YRItGAP853iQbwhh-2zOlzdB-0Q==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=279066220340679&input_token&origin=1&redirect_uri=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
VtiyOraAiKH8Pu9PWmcqUTMAFGEk4PIM8SyZIZ0x9lDZ67FdQ4Ld0OJwIK0LtE7YTMdkAq/o3T6iep0PHBuchQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Sep 2021 14:17:48 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://khak.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 1210 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c6deda655a27c%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2F981KHAK&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c6deda655a27c%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.facebook.com%2F981KHAK&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
gI4I/SgrmuKBllIbIBgAYtI45O+smpNk4iez9H7fdczm3zMfiHBp4POnFuNPGYbK5lLd07bq5nCDM5C0JzjpyQ==
content-length
0
date
Wed, 29 Sep 2021 14:17:48 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		241 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc4ff836c21915980e62cfa48b7b385a07d51e9997e9b15258c72b69d1c1ba0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83859
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 28 Sep 2022 23:54:32 GMT
subscribe_embed
www.youtube.com/ Frame A095 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bad9e1d666c08d86b9be08eb93a8def15764abf6c4241a69c288d2759ea57fcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Sep 2021 14:17:48 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=0zQnJGMLDcA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Thu, 03-Jan-2019 14:17:48 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+159; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		738 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faed360cd61cdb6047a3a8b5418673bb518b54204098e67d2b2c973e0328bf89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
482
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 22 Sep 2022 16:21:09 GMT
chunk-18.4c88f39b9077510dc1c2.1632774487207.js
khak.com/public/dist/desktop/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-18.4c88f39b9077510dc1c2.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EC9) / Express
Resource Hash
038eac2c04bef0ace1857f3fed5650d6fe5bbdfa0fed4d61e0ac5dc10b3e98c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-18.4c88f39b9077510dc1c2.1632774487207.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58612
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16777
last-modified
Mon, 27 Sep 2021 21:56:55 GMT
server
ECS (dcb/7EC9)
etag
W/"103c9-17c2942cab6"
x-frame-options
SAMEORIGIN
x-varnish
238050282
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:47 GMT
chunk-8.011fc21be3c393c5bc61.1632774487207.js
khak.com/public/dist/desktop/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-8.011fc21be3c393c5bc61.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EA2) / Express
Resource Hash
57dd5d643ec3f54de19fda106f50a561991b5bad1fe3364f5f19fbd61f3c6b2f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-8.011fc21be3c393c5bc61.1632774487207.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58612
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
3495
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7EA2)
etag
W/"286b-17c2942acd7"
x-frame-options
SAMEORIGIN
x-varnish
238050283
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:47 GMT
60dcc7e67b35b76cfb51b2f9
khak.com/rest/carbon/api/gallery/ 		112 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/carbon/api/gallery/60dcc7e67b35b76cfb51b2f9
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
29dd1274b28750cf6d025630c818336edd5627117f541025592d1e1f5bfadec1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/rest/carbon/api/gallery/60dcc7e67b35b76cfb51b2f9
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
etag
W/"1c0b0-fYindthyyzCfJ9L92PVqCw"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
vary
Accept-Encoding
x-device
desktop
expires
Wed, 29 Sep 2021 14:17:47 GMT
609d87197c0f57515fc0ebd8
khak.com/rest/carbon/api/gallery/ 		47 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/carbon/api/gallery/609d87197c0f57515fc0ebd8
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
c3db54b5b519e2b7cee057e6e1d91e905b72b4b8f8679d33fdda0d6b402933f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/rest/carbon/api/gallery/609d87197c0f57515fc0ebd8
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
etag
W/"bdc2-sWXrHTRTxQ0PgsrkXsSkZg"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
vary
Accept-Encoding
x-device
desktop
expires
Wed, 29 Sep 2021 14:17:47 GMT
zerg-lk.js
www.zergnet.com/ 		391 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg-lk.js?ref=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&domain=khak.com&fb=84856&u=751&q=Sidebar
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a6fa73feb3649cfada244243465bccf81c8277c078302115fd308ea3d324e22a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		307 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"4ccb2-5cc99935cd436-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
69040
script-loads
events.air.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.air.tv/script-loads
Protocol
H2
Server
18.232.13.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-13-40.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://khak.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
server
nginx/1.20.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
script-loads
counts.air.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://counts.air.tv/script-loads
Protocol
H2
Server
34.226.117.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-117-177.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://khak.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
server
nginx/1.20.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
iframe_api
www.youtube.com/ 		980 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Wed, 29 Sep 2021 14:17:48 GMT
script-loads
events.air.tv/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.air.tv/script-loads
Requested by
Host: cdn-sp-s3.air.tv
URL: https://cdn-sp-s3.air.tv/airtv.js/v/2021-09-16_18-11-31/twoview-1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.13.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-13-40.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
server
nginx/1.20.1
x-powered-by
Express
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
0
script-loads
counts.air.tv/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://counts.air.tv/script-loads
Requested by
Host: cdn-sp-s3.air.tv
URL: https://cdn-sp-s3.air.tv/airtv.js/v/2021-09-16_18-11-31/twoview-1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.117.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-117-177.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:48 GMT
server
nginx/1.20.1
x-powered-by
Express
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
0
settings
syndication.twitter.com/ Frame 2382 		288 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=30bc5b4f6822e04c5476e9e3a2f09e6b42bbc7f0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fkhak.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 14:17:48 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
ee0705f872e9601603d2ffe8ef2204f07ff60239d2a20e91507cedd38e4569f0
content-length
188
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		78 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-89.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b30807190a785d2ffddebe2ca1eb1e951a089b6cedc0bd35d4c2c987ad7843db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:15:29 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 17:43:48 GMT
server
AmazonS3
age
396
etag
"c0f5917deac1e3ad80876202c2fc26cb"
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
22519
x-amz-cf-id
74rXGPET_YuzQnauvJz_kMK_XEHXXI_rMqBLgWyh4YFouQ0K5TsptQ==
/
www.facebook.com/tr/ Frame 59AB 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3795
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://khak.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://khak.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://khak.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 29 Sep 2021 14:17:48 GMT
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame A095 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 12:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 12:44:47 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame A095 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=981KHAK&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fkhak.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 05:31:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Sep 2022 05:31:19 GMT
www-widgetapi.js
www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/ 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
1089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:00:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Sep 2022 13:59:39 GMT
attachment-1-2.jpg
townsquare.media/site/341/files/2021/06/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/341/files/2021/06/attachment-1-2.jpg?w=980&q=75
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D23) / Express
Resource Hash
056fd2b2c4cbd63cf403f2f8c9b6da4edf727034d1e2103c01b355cce62e32ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:48 GMT
via
1.1 varnish
age
7257070
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
105938
last-modified
Wed, 30 Jun 2021 19:41:26 GMT
server
ECS (lcy/1D23)
x-varnish
1563565284
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:47 GMT
attachment-2-2.jpg
townsquare.media/site/341/files/2021/06/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/341/files/2021/06/attachment-2-2.jpg?w=980&q=75
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3B) / Express
Resource Hash
30cf0171158ae16d268bff7a5ffced521797f5acb8fd20acd1f8373dbb9784f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:48 GMT
via
1.1 varnish
age
7257061
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
97834
last-modified
Wed, 30 Jun 2021 19:41:30 GMT
server
ECS (lcy/1D3B)
x-varnish
1563566912
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 29 Sep 2021 14:17:47 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame A440 		566 B
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkhak.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
713c304865c83ca9d1b08d908fe09a406d4e78d0dc4518b0de875a60c9da489e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ORNxCve4TGZyT2mH6Oy5Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkhak.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=kRjy2J9NU8sfbsHEMoghdbVKFvEhIHPr3VyHVOD7YnDpoprv54guV6tc2RThJbZuPXUEIz_efE3ezakSuHqKt84SvQl6IXWSjvJH1Esr3y8SchMpcQdKizwoIuUf_ocxXxGlsW1P3o1UAX3QylaWfQ_rDs3OEnV9nOo5_0uQw6w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Sep 2021 14:17:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-ORNxCve4TGZyT2mH6Oy5Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
euconsent
api.conversant.mgr.consensu.org/ 		105 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.5.0&c=8593376579
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
4f138875bd8b6071fa8a5946c4adeb6b38d5176e6f5d66b7221e77915ebd5d34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx
vary
Origin
content-type
application/json
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame A095 		156 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:57:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
105622
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Wed, 28 Sep 2022 08:57:26 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame A095 		125 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41750
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 29 Sep 2022 10:24:15 GMT
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=84074
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b93fb8b4e63849b6b1628fa80b9347d366817ae1d5b5ab63dcac21dcf7447e36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
expires
Wed, 06 Oct 2021 14:17:48 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
a2hhay5jb20%3D
static.solutionshindsight.net/assets/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/a2hhay5jb20%3D
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-89.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"53c8b086a9dcb1b5720c5d37f381c4df"
x-edge-origin-shield-skipped
0
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:46:13 GMT
server
AmazonS3
date
Wed, 29 Sep 2021 14:17:50 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
m8aklLbATgBcOfNocG66HjfOw67lUB0EBPIbEDzRmD4R1k6QBXVcxA==
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 20:33:39 GMT
etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
2296
tw-cdn
FT
x-served-by
cache-bwi5169-BWI, cache-hhn11575-HHN
2607672972-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame A440 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkhak.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 12:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4308
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 02:13:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Wed, 28 Sep 2022 12:43:42 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame A440 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkhak.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E9F/girkeVdOqSkjcT1BeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"9c5a8574bdf283ce8259de0154ce003e"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-E9F/girkeVdOqSkjcT1BeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Wed, 29 Sep 2021 14:17:48 GMT
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame C3FF 		36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

last-modified
Mon, 02 Aug 2021 20:33:41 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"a237d70af6aab8c30f8fef9c8de02f69+gzip"
content-encoding
gzip
access-control-allow-methods
GET
access-control-allow-origin
*
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
date
Wed, 29 Sep 2021 14:17:48 GMT
x-served-by
cache-bwi5180-BWI, cache-hhn11575-HHN
x-cache
HIT, HIT
vary
Accept-Encoding
tw-cdn
FT
content-length
13651
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_2
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
852f3e4e2ff395e89439c543b37f8ebb3bdca5b0dda9ae0b1b6779f3b93fa89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9533
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 28 Sep 2022 23:32:19 GMT
truncated
/ Frame C3FF 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
subscribe_embed
www.youtube.com/ Frame F0B9 		604 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcfd9df531e441dae38f5ec47108591b5685e7ab2611d97781b775a0baa6e09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
YSC=0zQnJGMLDcA; VISITOR_INFO1_LIVE=AhcS8o8uHvs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Sep 2021 14:17:49 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Thu, 03-Jan-2019 14:17:49 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+200; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 13:18:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
435575
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 24 Sep 2022 13:18:14 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:43:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
592460
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 22 Sep 2022 17:43:29 GMT
output.js
www.zergnet.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=84074&time=1632925069017&sc=1&callback=json6535699
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
795f1b7168b2c746f152051ba6f8b536b715674b934273a76e2d74431dbedf54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:45:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
235942
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Mon, 26 Sep 2022 20:45:27 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:17:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
122398
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Wed, 28 Sep 2022 04:17:51 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 13:46:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
433853
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 24 Sep 2022 13:46:56 GMT
vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 		288 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3a3f5819108615c6271ef07789cf63fed1f002541ab4800eaf0547977b4ee0a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 16:15:02 GMT
server
Apache
etag
"47e0e-5cd10840dc113-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
37023
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame A440 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18128
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 28 Sep 2022 23:37:59 GMT
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame F0B9 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 06:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Sep 2022 06:35:00 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame F0B9 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCBk1VANDJlhmmBe5hZONlQQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 13:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Sep 2022 13:08:19 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame F0B9 		125 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41750
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 29 Sep 2022 10:24:15 GMT
jot
syndication.twitter.com/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22981KHAK%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632925069130%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 29 Sep 2021 14:17:49 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
ee0705f872e9601603d2ffe8ef2204f07ff60239d2a20e91507cedd38e4569f0
x-transaction
4104be7684041179
expires
Tue, 31 Mar 1981 05:00:00 GMT
6810845_300.jpg
img2.zergnet.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6810845_300.jpg
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce0f59b36912d2df4ae86190c916897c68cf1a52122b357383c62a9725a2b3b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 13:32:42 GMT
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Age
2708
X-Edge-Origin-Shield-Skipped
0
x-amz-replication-status
COMPLETED
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
20185
Last-Modified
Wed, 29 Sep 2021 13:27:02 GMT
Server
AmazonS3
ETag
"4402adc285b5940568274fb83f43e696"
x-amz-version-id
m62rGnSgOSThowOVkpKTWz7Lxu3BKYxX
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
NE2z_R3a-r8wQ_ge1woIaykFBpQacM99Rod-0SZHi3DxfaMARqBCfA==
Expires
Thu, 29 Sep 2022 13:27:01 GMT
6798498_300.jpg
img5.zergnet.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6798498_300.jpg
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb589fa4e0a2e4e3ee8c62236b66a6f5341c4375d7dd006d0267bef4a7b1dbab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 13:08:47 GMT
Via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Age
608943
X-Edge-Origin-Shield-Skipped
0
x-amz-replication-status
COMPLETED
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
18873
Last-Modified
Wed, 22 Sep 2021 13:05:32 GMT
Server
AmazonS3
ETag
"bb186914cb12acb17952160ff10c8620"
x-amz-version-id
ScdGWmiXu7eFNxJmAvg3vuvoBW.H10S6
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
4S_qBbXiCxBTL0HZV-S2gme8NAT97Mz7UBS-l7hZD7n2xRor8FeYuA==
Expires
Thu, 22 Sep 2022 13:05:31 GMT
6790473_300.jpg
img2.zergnet.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6790473_300.jpg
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e2f6da99c8cb226f914a01233f48bb9bf05306a156e59bf068ad71e80350599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 17:44:04 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Age
1024426
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12552
Last-Modified
Fri, 17 Sep 2021 17:32:32 GMT
Server
AmazonS3
ETag
"ac3f0ddc82ce1b40362e25d2085fb944"
x-amz-version-id
Toi9TmzTI6CdtEA0FxkT.rismlSlQluE
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
avaKa74eLtd_nUeE6HcSkfcO7UousnKHB-Zypq4e_WlOZTS9xMntsg==
Expires
Sat, 17 Sep 2022 17:32:31 GMT
6794547_300.jpg
img4.zergnet.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6794547_300.jpg
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a96269545af317a8f33bafab25213a20307bbc8d2980e61444d7a1eef7dd4281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 20 Sep 2021 17:24:13 GMT
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age
766417
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
19725
Last-Modified
Mon, 20 Sep 2021 17:20:22 GMT
Server
AmazonS3
ETag
"4a41fd11d5ec75734c8d817ee611843c"
x-amz-version-id
BEgHUxsVKvJ6q41LksNfg0jRkj8zTopl
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
d_3hGdGVGsxlA77v-QLdco7-ahWVm5ToWPUEk4Izhw6Z-HL0DJtNJg==
Expires
Tue, 20 Sep 2022 17:20:21 GMT
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:49 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		326 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"5169b-5cc99935ce3d4-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
83207
gtm.js
www.googletagmanager.com/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c60ccccd63bea190325ff843467cad588e52483e2088aae2230bb8f43f8d722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41458
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 14:17:49 GMT
en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:20:57 GMT
server
Apache
etag
"f30-5cc99935cff3c-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
1178
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://khak.com
date
Wed, 29 Sep 2021 14:17:49 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
tag
btloader.com/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c40ece877a31e345acb7059773b1e9b2e1427f7eb1124de959b483fbb6beac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6965d653caa4690a-FRA
date
Wed, 29 Sep 2021 14:17:49 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2770
etag
W/"c0a0aa01f9563e2a6da94348bd1e2e9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm9yrht%2Fqi4QvrOqOaPCVH959CahMCgxh%2F8EQJQ0lDqdmII7riTM%2FEimIgO07%2Bax31uPX4P%2Buq7wGpM2NwsBWgF2sklmjqAikz8djkvKUYJCyhf3CppPKzMP4aFeG%2B6J%2BJiGtY4gAfVBZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24
5 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6965d65668ba4e61-FRA
content-language
de-DE
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html;charset=ISO-8859-1

Redirect headers

date
Wed, 29 Sep 2021 14:17:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=iso-8859-1
location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KHAKFM&ncv=24
cf-ray
6965d6541bcb4e61-FRA
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
5 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6965d65668bc4e61-FRA
content-language
de-DE
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html;charset=ISO-8859-1

Redirect headers

date
Wed, 29 Sep 2021 14:17:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=iso-8859-1
location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
cf-ray
6965d6541be24e61-FRA
favicon.ico
ad.doubleclick.net/ 		1 KB
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Sep 2021 09:11:04 GMT
px.gif
ad-delivery.net/ 		43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3985519385398244
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Wed, 29 Sep 2021 14:17:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
119
x-guploader-uploadid
ABg5-UzSZ-Kt1WbGdd88HlCnZf7YcJGLu-DR5tPwPS9bXoxAsvJYwt4jGn6LAHoZbG34sctt0vecv7iFCJZExLBCcbRvF7nEjw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Fjc1wZusaHxv4WFOTPcZjtFXggXvjNMb7CfUYF8QU1w01ElpGuyJTfa8J%2BfEAviTMhl3qOR%2BRHlklfhpjhbaMPQePIx8aTE5B%2FU16ygbcq0e0yu2zdBUhlxupdQrb4ItS25Z9ZpfKfgSODylw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6965d6547b8842d5-FRA
expires
Wed, 29 Sep 2021 15:15:50 GMT
613172405857271
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/613172405857271?v=2.9.47&r=stable
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31ddc8005048c873eafa8f51597e8cfd355981315a53023b6115977a2b0f8901
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
146957
x-xss-protection
0
pragma
public
x-fb-debug
9hGZNaiHSo3yyKzIvSuLQRFBEywoWj80Kv0hIkmJUvJExI3ydTk3NQKLT4y7sl0rIFPmKUI3mbYl6xOq0RXVlA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 14:17:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:46:52 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
67006
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2C-Sps9MHbA9ecERRkYWlcT2LmCFDAdZjRb4rTU4mQbfXCRx_Grj_Q==
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=613172405857271&ev=PageView&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&rl=&if=false&ts=1632925069522&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1632925067866.1956037673&it=1632925067492&coo=false&rqm=GET
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Sep 2021 14:17:49 GMT
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=YBXAB9ecg&w=5640841776332800&o=5642230212591616&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Sep 2021 14:17:49 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
pubcid.min.js
townsquare.media/public/resources/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3E) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:49 GMT
content-encoding
gzip
vary
Accept-Encoding
age
73198
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:30 GMT
server
ECS (lcy/1D3E)
etag
W/"e26f-17880ae9f25"
x-frame-options
SAMEORIGIN
x-varnish
1269931557 1267835438
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:48 GMT
/
www.facebook.com/tr/ Frame 3678 		0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3816
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://khak.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://khak.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://khak.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 29 Sep 2021 14:17:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7C7E 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
8ac0a280acb9c4dd3786ac82e7698f873bfa79b5ad5da771d269a55c28c4cf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 852 of 1000 / last-modified: 1632913824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25708
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 14:17:50 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/ Frame 7C7E 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/didna_config.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
82b98908cf2aeb94534f880c5dde49a454638e7486488f9a40f2e1cf825e61f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:50 GMT
x-guploader-uploadid
ADPycds71CS876vVEUCRN_TnpqwfI8fBsbNcR6gHz4aPtd0FSYLyS3VKa6XV6ucVxjfdE7e-Rgbph3Lb7Y85SW4ehNhKfnrZyw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9996
last-modified
Thu, 19 Aug 2021 16:54:09 GMT
server
UploadServer
etag
"14d9e5d0f9a5bb3bfb9ee41f602c0d89"
x-goog-hash
crc32c=iwJnYQ==, md5=FNnl0Pmluzv7nuQfYCwNiQ==
x-goog-generation
1629392049793444
cache-control
no-store
x-goog-stored-content-length
9996
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 29 Sep 2022 14:17:50 GMT
_bulk
api.solutionshindsight.net/v2/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Protocol
H2
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://khak.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 29 Sep 2021 14:17:50 GMT
x-amzn-requestid
fb6a5d80-a9a6-4d07-adc1-4d8aff9b4b72
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
GbdOSFLZIAMF1XQ=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache
Miss from cloudfront
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
s4_t8Q2TtDiHdORU4OStmGGeDEdjzuu753HkrIA9ZTiUMwN4jUKkRg==
_bulk
api.solutionshindsight.net/v2/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:50 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
f721d6b0-7803-4ddc-aa27-1c2c144187ec
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6154758e-1fef528d65e93b227e33e2b6
x-amz-apigw-id
GbdOTFRCoAMFluA=
content-length
0
x-amz-cf-id
tw9YaRfi6TW2KIab7jFAw0atR4eAfHVY57jZuU5zxatzPvbNEWEH2Q==
pubads_impl_2021092707.js
securepubads.g.doubleclick.net/gpt/ Frame 7C7E 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092707.js?31062970
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
5abd63781c67c7977a98ef35f78b2f8650983af8231aa11df7e3691b26cc3314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120407
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:12:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 14:17:50 GMT
config.js
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ Frame 7C7E 		249 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba558c1e4e766bcc8650bb3834b2aa70cf25bece6b2631ade75237545ea9d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:50 GMT
Content-Encoding
gzip
Age
1510
X-Cache
HIT
Connection
keep-alive
Content-Length
45025
x-amz-id-2
kbOfdDVkVcW7TfvK7m9IJYu6Q22jebcX9EFfC3hpB0Ghdn9OWfHhPg2+PQPVaq5ZFrM3XUUaQ7Q=
X-Served-By
cache-hhn4075-HHN
Last-Modified
Wed, 29 Sep 2021 12:54:38 GMT
Server
AmazonS3
X-Timer
S1632925071.607508,VS0,VE0
ETag
"d19d89a14c7ae77a29460b6ac53fbda9"
x-amz-request-id
S626DA2ABSVSCBT9
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
48
31e9bcb8-dc6d-41e7-84f9-c11d4d8b42d8
https://khak.com/ Frame 7C7E 		564 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://khak.com/31e9bcb8-dc6d-41e7-84f9-c11d4d8b42d8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
564
Content-Type
text/javascript
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109271709/ Frame 7C7E 		178 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109271709/wrap.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5e78e313a317a211bfa3520f6a5c764e61624b862025c1435742a7cdf851e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:50 GMT
Content-Encoding
gzip
Age
622
X-Cache
HIT
Connection
keep-alive
Content-Length
58274
x-amz-id-2
J0c4kg0oWiy88nYwOZqTdD1bn8JLDCUbVe7NYlR8AHZvP52HU/jWxmvz94tgnrJvw9qyrLYRhJk=
X-Served-By
cache-hhn4075-HHN
Last-Modified
Mon, 27 Sep 2021 21:11:06 GMT
Server
AmazonS3
X-Timer
S1632925071.655425,VS0,VE0
ETag
"4134deb597556c79cee4127d752affbe"
x-amz-request-id
CF29KHMN0CHCCQBF
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1516
4a0f7e56-49c9-495a-b19b-dacf5c3bcf8b
https://khak.com/ Frame 7C7E 		187 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://khak.com/4a0f7e56-49c9-495a-b19b-dacf5c3bcf8b
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e00d7613f44c4ea756afff330ffa942ee537a4d7bcfb11c26da4ceb2e372e399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
191119
Content-Type
text/javascript
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ Frame 7C7E 		174 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 19:58:31 GMT
server
Apache/2.2.15 (CentOS)
etag
"1520db4-2b82d-5c4d365f5b665"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=24127
accept-ranges
bytes
content-type
text/javascript
content-length
56867
expires
Wed, 29 Sep 2021 20:59:58 GMT
b4a5681d-e4a5-4b48-8973-a885f7acfb11
https://khak.com/ Frame 7C7E 		435 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://khak.com/b4a5681d-e4a5-4b48-8973-a885f7acfb11
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a25b4ba9537e0f026e6a6de89402cd59edce7be96e098800bac3ff441365c446

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
445329
Content-Type
text/javascript
localstore.js
script.4dex.io/ Frame 7C7E 		483 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 13:44:43 GMT
server
cloudflare
age
12
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6965d65f8a992bdd-FRA
x-amz-request-id
2T3ADNM0NA6XVJTY
x-amz-id-2
jfJxyshidfcTxFueSvcRLpZDL5svkJH7V5xVWWKPLBAqwrRRvGkDD6FTjU7Ytu9bd2Xme4HjNt4=
expires
Wed, 29 Sep 2021 14:47:51 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7C7E 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: khak.com
URL: blob:https://khak.com/b4a5681d-e4a5-4b48-8973-a885f7acfb11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
70c5f9bd1f73d51f8bc520ca989ef32dbd930d4e386544760f1a4c3239ae1ca1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
73938648-c8e6-4840-97fe-59d580fd02c6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://khak.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 7C7E 		23 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.14.0
Requested by
Host: khak.com
URL: blob:https://khak.com/b4a5681d-e4a5-4b48-8973-a885f7acfb11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
26a9abf3bada374ab0667bd1568e5d4d3850cc8c124069da2fb24053c5d17fc4

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://khak.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
c
prebid.a-mo.net/a/ Frame 7C7E 		861 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: khak.com
URL: blob:https://khak.com/b4a5681d-e4a5-4b48-8973-a885f7acfb11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5f2be5be66b2d34c57fa41f7dce8e5af7a230678238c4de5b4f05172803fe97b

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
content-length
356
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkhak.com%2F&domain=khak.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://khak.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://khak.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1643
date
Wed, 29 Sep 2021 14:17:50 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 7C7E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkhak.com%2F&domain=khak.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=zxJMP3xkVUQ4ZnFjMXpSdDdwL20yVUx3ZTQ5VzBtSFNEQ0syam9IeHo1YjVicE1TWlh3V1c4MTYvWCtFQXpEVThJME1VMXVGTkg2ejI0aGl5T0NYVXpxTmtlcGFXdXBtQzB3bHpMWDRHWkRGb1lmMUdLcjBkVVAvKzJ6bT...
347 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zxJMP3xkVUQ4ZnFjMXpSdDdwL20yVUx3ZTQ5VzBtSFNEQ0syam9IeHo1YjVicE1TWlh3V1c4MTYvWCtFQXpEVThJME1VMXVGTkg2ejI0aGl5T0NYVXpxTmtlcGFXdXBtQzB3bHpMWDRHWkRGb1lmMUdLcjBkVVAvKzJ6bTdtZSt1Wk9sYlJwcEtpVjBxUXRzREI1dUdzT3Z5UlNJM1JTMTJxNHdvOXNyV21UdXJzZG9Ma0dDclZYWFZCVkxkOVZ0QzBmR2kyclJEQ2RJL1RIYzM2RFh6UTN5Zm9FbkpwaWxFOVUvb1gwYzhiOGRpdzhrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c83d91b1381b4c72877f0643addba9cad8b3246f8ab1e88efc7c36917dbeb6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 29 Sep 2021 14:17:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2519
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 29 Sep 2021 14:17:51 GMT
location
https://mug.criteo.com/sid?cpp=zxJMP3xkVUQ4ZnFjMXpSdDdwL20yVUx3ZTQ5VzBtSFNEQ0syam9IeHo1YjVicE1TWlh3V1c4MTYvWCtFQXpEVThJME1VMXVGTkg2ejI0aGl5T0NYVXpxTmtlcGFXdXBtQzB3bHpMWDRHWkRGb1lmMUdLcjBkVVAvKzJ6bTdtZSt1Wk9sYlJwcEtpVjBxUXRzREI1dUdzT3Z5UlNJM1JTMTJxNHdvOXNyV21UdXJzZG9Ma0dDclZYWFZCVkxkOVZ0QzBmR2kyclJEQ2RJL1RIYzM2RFh6UTN5Zm9FbkpwaWxFOVUvb1gwYzhiOGRpdzhrPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1821
content-length
482
expires
0
insync
thrtle.com/ Frame 7C7E
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=6bb0720c-20f7-49f5-8fe9-c50f75f382a2
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=6bb0720c-20f7-49f5-8fe9-c50f75f382a2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
nginx
Vary
negotiate,Accept-Encoding
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=6bb0720c-20f7-49f5-8fe9-c50f75f382a2
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
X-Request-Id
70860496e58b623a864bccdfd0841419
Expires
Sat, 26 Jul 1997 05:00:00 GMT
adagio.js
script.4dex.io/ Frame 7C7E 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: khak.com
URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
420981
x-amz-request-id
1XAV1N2BPSFNQTSG
x-amz-id-2
yPRoKudYBUEP6mN4Zngr9w/eFpAL0SmrjOV2DAVUvcUiPUMzWwi0gcptt6uOpeCy4dtbqt65S14=
last-modified
Fri, 24 Sep 2021 13:44:41 GMT
server
cloudflare
etag
W/"6cbe4a566109f9ab6c378764f4c5ba22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6965d65fe836695d-FRA
expires
Wed, 29 Sep 2021 14:47:51 GMT
2000775.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 1CC6
Redirect Chain
  • https://sync.serverbid.com/ss/2000775.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://khak.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
Keep-Alive
Cache-Control
max-age=25964
Content-Length
4811
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:33:02 GMT
Accept-Ranges
bytes
etag
"d7f9e977559b1f622a29df6af2acb392"
x-amz-request-id
tx000000000000001407afe-0061538939-82ef209-nyc3a
age
65
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1632925071.dop226.fr8.t,1632925071.cds258.fr8.shn,1632925071.dop226.fr8.t,1632925071.cds227.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
cache-control
no-cache
2000775.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame AF3F
Redirect Chain
  • https://sync.serverbid.com/ss/2000775.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://khak.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
Keep-Alive
Cache-Control
max-age=28397
Content-Length
4811
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:33:02 GMT
Accept-Ranges
bytes
etag
"d7f9e977559b1f622a29df6af2acb392"
x-amz-request-id
tx00000000000000fe09e60-00615392fb-67d82fc-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
447
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1632925071.dop221.fr8.t,1632925071.cds268.fr8.shn,1632925071.cds268.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
cache-control
no-cache
showad.js
ads.pubmatic.com/AdServer/js/ Frame C342 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=58868
expires
Thu, 30 Sep 2021 06:38:59 GMT
date
Wed, 29 Sep 2021 14:17:51 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 8920 		1006 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
edf3307794a7e8a1cfeb620942c5ab62e5752b40fba2de66daee508ecb95923c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; Version=1; Expires=Thu, 29-Sep-2022 14:17:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632925071|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 14-Oct-2021 14:17:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0267 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=58868
expires
Thu, 30 Sep 2021 06:38:59 GMT
date
Wed, 29 Sep 2021 14:17:51 GMT
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame BE94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
image/png
date
Wed, 29 Sep 2021 14:17:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date
Wed, 29 Sep 2021 14:17:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
312
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 14:32:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
eb2.3lift.com/ Frame DDC6
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
919009e570c40f9a6892224e41a8c3fd648842ee623f40fd0daea3e14ca5f9fe

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
tluid=6319926599683135819
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
text/html; charset=utf-8
content-length
462
set-cookie
sync=CgoIgQIQgfKsj8MvCgoI4gEQgfKsj8MvCgoI5gEQgfKsj8MvCgoIhwIQgfKsj8MvCgkICRCB8qyPwy8KCQg6EIHyrI_DLwoJCAsQgfKsj8MvCgoIjAIQgfKsj8MvCgoIzgEQgfKsj8MvCgkIXxCB8qyPwy8=; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6319926599683135819; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0
set-cookie
tluid=6319926599683135819; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync.html
cdn.undertone.com/js/ Frame E700 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html
date
Tue, 28 Sep 2021 22:51:32 GMT
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
okrqShmrWwE2SlYAVUbhM5H5QmC2EpylXd6i9V_y2ZZwdxJUVQRERg==
age
55580
usersync.html
cdn.undertone.com/js/ Frame 2BDE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html
date
Tue, 28 Sep 2021 22:51:32 GMT
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
47Z22tzK4u2TU8kEWij3_Ohfy_gKvGIX8-jUnckJGt4-TFYsPXY5sg==
age
55580
usync.html
eus.rubiconproject.com/ Frame CE13 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://khak.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame F431
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
919009e570c40f9a6892224e41a8c3fd648842ee623f40fd0daea3e14ca5f9fe

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
tluid=6319926599683135819
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
text/html; charset=utf-8
content-length
462
set-cookie
sync=CgoIgQIQ_fGsj8MvCgoI4gEQ_fGsj8MvCgoI5gEQ_fGsj8MvCgoIhwIQ_fGsj8MvCgkICRD98ayPwy8KCQg6EP3xrI_DLwoJCAsQ_fGsj8MvCgoIjAIQ_fGsj8MvCgoIzgEQ_fGsj8MvCgkIXxD98ayPwy8=; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6319926599683135819; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0
set-cookie
tluid=8054642540562397870; Max-Age=7776000; Expires=Tue, 28 Dec 2021 14:17:51 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 2E13 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://khak.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 4AA8 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
709ca9109f90f86c97c470ee8b4632b818a97a9a9f7ed1617301dbeaafbf2b03
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 02 Apr 2022 14:17:51 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 01 Oct 2021 14:17:51 GMT
date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
7780
generic
match.adsrvr.org/track/cmf/ Frame 08C1 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
TDID=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
checksync.php
contextual.media.net/ Frame 9884 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
709ca9109f90f86c97c470ee8b4632b818a97a9a9f7ed1617301dbeaafbf2b03
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 02 Apr 2022 14:17:51 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 01 Oct 2021 14:17:51 GMT
date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
7780
ixmatch.html
js-sec.indexww.com/um/ Frame BD6F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://khak.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 72C3 		1006 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
edf3307794a7e8a1cfeb620942c5ab62e5752b40fba2de66daee508ecb95923c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; Version=1; Expires=Thu, 29-Sep-2022 14:17:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632925071|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 14-Oct-2021 14:17:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear
ibs:dpid=463291&dpuuid=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=efc9d6c7-c98b-4afb-ac37-0c4a63827086&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=efc9d6c7-c98b-4afb-ac37-0c4a63827086&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=17cf5794-7a0e-4b13-b491-ace7c771cb7f&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENmqFzMfkQVLKQ1NYr3ul-8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5961959193077058021&opid=apx&ops=&utidl=tech:goo:CAESENmqFzMfkQVLKQ1NYr3ul-8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21122580252&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=4c07acbd1bf9d1ad7ca10a8ed41d0f3a&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=5961959193077058021
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=5961959193077058021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b2b1ac68-9f76-437a-8c64-db5c9eeb1f4e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.59.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 39EE 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPNTJeEPNTJeEAXADAENBuCgAAAAAH_AAAAAAAAQbAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiwAAA.YAAAAAAAAAAA&d=https://khak.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Wed, 29 Sep 2021 14:17:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 7502 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPNTJeEPNTJeEAXADAENBuCgAAAAAH_AAAAAAAAQbAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiwAAA.YAAAAAAAAAAA&d=https://khak.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Wed, 29 Sep 2021 14:17:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame 0267 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13431845&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:50 GMT
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zxJMP3xkVUQ4ZnFjMXpSdDdwL20yVUx3ZTQ5VzBtSFNEQ0syam9IeHo1YjVicE1TWlh3V1c4MTYvWCtFQXpEVThJME1VMXVGTkg2ejI0aGl5T0NYVXpxTmtlcGFXdXBtQzB3bHpMWDRHWkRGb1lmMUdLcjBkVVAvKzJ6bTdtZSt1Wk9sYlJwcEtpVjBxUXRzREI1dUdzT3Z5UlNJM1JTMTJxNHdvOXNyV21UdXJzZG9Ma0dDclZYWFZCVkxkOVZ0QzBmR2kyclJEQ2RJL1RIYzM2RFh6UTN5Zm9FbkpwaWxFOVUvb1gwYzhiOGRpdzhrPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1225
date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
05f46ff4-9ee6-4059-8321-5f270ba31c15
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 8920
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcTcwN0NxT3NBQURncWkxR1ZrZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACq707CqOsAADgqi1GVkg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACq707CqOsAADgqi1GVkg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACq707CqOsAADgqi1GVkg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7f006154-758f-4c00-974d-aa5f04d88538
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7f006154-758f-4c00-974d-aa5f04d88538
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7f006154-758f-4c00-974d-aa5f04d88538
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 29 Sep 2021 14:17:50 GMT
sd
us-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Lu1yry_pf_01uHepebpqqiu-fq017X6iL-QpK08C
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Lu1yry_pf_01uHepebpqqiu-fq017X6iL-QpK08C
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Lu1yry_pf_01uHepebpqqiu-fq017X6iL-QpK08C
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5786969068973057725
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5786969068973057725
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5786969068973057725
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 8920 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d68afdb8-cfd9-356d-7995-fa3e1b23e409&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8920 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmFlNTJlNzItMDZhZS02YmM5LTZjNzUtYTA4N2QxYzEyYTY5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8920
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMx7T8H34BQwLovR5tbEu-s&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMx7T8H34BQwLovR5tbEu-s&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMx7T8H34BQwLovR5tbEu-s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:50 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QDKCbHSQ1MvAp95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=463cb130-4958-4b79-ad34-ffed1efc1873
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=1e328c9f-5de2-4e8b-99d7-7cd69cd2df84&expires=10&ssp=openx&bsw_param=463cb130-4958-4b79-ad34-ffed1efc1873
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=463cb130-4958-4b79-ad34-ffed1efc1873
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6d9b0dfe-8e23-4ed1-8248-db644f3414b7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 72C3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcmgwN0NxT3NBQUJ2c2RlTzVTZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACq707CqOsAADgqi1GVkg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACq707CqOsAADgqi1GVkg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e356154-758f-4900-8b4b-04d74bf9f549
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e356154-758f-4900-8b4b-04d74bf9f549
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e356154-758f-4900-8b4b-04d74bf9f549
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 29 Sep 2021 14:17:50 GMT
sd
us-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wicAhcMjDdfZcgWCxSQYgs0kBdPZLweHkSdt1xMh
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wicAhcMjDdfZcgWCxSQYgs0kBdPZLweHkSdt1xMh
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wicAhcMjDdfZcgWCxSQYgs0kBdPZLweHkSdt1xMh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8196793949875099847
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8196793949875099847
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8196793949875099847
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 72C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d68afdb8-cfd9-356d-7995-fa3e1b23e409&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 72C3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmFlNTJlNzItMDZhZS02YmM5LTZjNzUtYTA4N2QxYzEyYTY5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 72C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARz_g7UPqEloDVZHzuXeaU&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARz_g7UPqEloDVZHzuXeaU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARz_g7UPqEloDVZHzuXeaU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A8C7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00960bce-8c34-483d-8287-74d2286689be
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame E700 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Date
Wed, 29 Sep 2021 14:17:52 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
sync
usr.undertone.com/userPixel/ Frame E700
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTI5NDI2MDItN0VCOC00QTIxLTg0MUEtNUU2NDdBRjJDNzMw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DFD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
date
Wed, 29 Sep 2021 14:17:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame CE13 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42599
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
17216975-e390-4a0d-b2d8-90e9702dd6e2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9de79a9f-cf76-090e-1310-e5f9ec8fc45b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0804023d-2130-11ec-90d3-062f19f979bc&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-UJ4GZ1pE2uG1uEe50oF9Se_P1YC2KsdG~A~UP0804023d-2130-11ec-90d3-062f19f979bc
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5&ttl=1635517071
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 2BDE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=1c1b3378267234924905014e79105fd96fe389c3
Date
Wed, 29 Sep 2021 14:17:52 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
sync
usr.undertone.com/userPixel/ Frame 2BDE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQwRjkyQUUtMzE0My00QTdCLUI2QjMtMEU1RTJFRjFDQzkx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DFD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-252-174.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 0C47
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
generic
match.adsrvr.org/track/cmf/ Frame F431 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame F431
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F431
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F431 		0
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6319926599683135819&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
PbvHmrNQqRYwsXfnlSsAAA==
xuid
eb2.3lift.com/ Frame F431
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6319926599683135819?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-9V2X_uNE2oRdlgJ_rLSz8cwwBNe063X51LjfIR.Xbg--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-9V2X_uNE2oRdlgJ_rLSz8cwwBNe063X51LjfIR.Xbg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-9V2X_uNE2oRdlgJ_rLSz8cwwBNe063X51LjfIR.Xbg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame F431 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=6319926599683135819&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.59.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame F431 		42 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=6319926599683135819&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: 007B709A2D7948B4A202C6813E41D87E Ref B: FRAEDGE1212 Ref C: 2021-09-29T14:17:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame F431
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6319926599683135819
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
87QKM520844HQYFSN3V1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F431
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame F431
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4471594501900226551&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4471594501900226551&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4471594501900226551&dongle=d407
pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame DDC6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame DDC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPAh2t5Mf9vnq7SC59wtIBc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DDC6
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjMxOTkyNjU5OTY4MzEzNTgxOQ%3D%3D
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame DDC6 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6319926599683135819&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
8r3mmrNQqRagiBG0lSsAAA==
xuid
eb2.3lift.com/ Frame DDC6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/6319926599683135819?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-ojK1IuNE2oQJ6vvvx148Ugl6.yf0OzOjkuIRJmmbnA--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ojK1IuNE2oQJ6vvvx148Ugl6.yf0OzOjkuIRJmmbnA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 29 Sep 2021 14:17:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-ojK1IuNE2oQJ6vvvx148Ugl6.yf0OzOjkuIRJmmbnA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame DDC6 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=6319926599683135819&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.59.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame DDC6 		42 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=6319926599683135819&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: 9EEF76801ED84F4B9CE11913E5F2E92D Ref B: FRAEDGE1212 Ref C: 2021-09-29T14:17:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame DDC6
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6319926599683135819
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EYDWYN153XYXAYDH71TC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6319926599683135819&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DDC6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame DDC6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4543652095938154487&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4543652095938154487&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4543652095938154487&dongle=d407
pragma
no-cache
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usync.js
eus.rubiconproject.com/ Frame A8C7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42599
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
usync.js
eus.rubiconproject.com/ Frame 0C47 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42599
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
um
cs.emxdgt.com/ Frame 04BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 5132
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Wed, 29 Sep 2021 14:17:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame 56A6 		43 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
HAPLB5A=s56129|YVR1j
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5G=s578|YVR1k; path=/; domain=.go.sonobi.com; SameSite=None; secure
usersync.html
ad-cdn.technoratimedia.com/html/ Frame FD1D 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
576
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Wed, 29 Sep 2021 14:17:52 GMT
etag
"450f-5c7a90520f640"
expires
Wed, 29 Sep 2021 14:32:52 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
247275844
content-length
5566
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3A9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES; KTPCACOOKIE=YES; SyncRTB3=1634083200%3A220; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^1^0; chkChromeAb67Sec=1; KADUSERCOOKIE=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=136790
expires
Fri, 01 Oct 2021 04:17:41 GMT
date
Wed, 29 Sep 2021 14:17:51 GMT
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame AF3F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2cb34c56-4644-4f1f-8c8d-798dd90230e8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame AF3F 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D51%26userId%3D%5BUSER_ID%5D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
737988082
access-control-allow-origin
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
access-control-allow-credentials
true
i.gif
e.serverbid.com/udb/9969/sync/ Frame AF3F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 29 Sep 2021 14:17:52 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame AF3F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame AF3F 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame AF3F
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0804023d-2130-11ec-90d3-062f19f979bc
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame AF3F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

location
//e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
date
Wed, 29 Sep 2021 14:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:51 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3f723aed-780e-406f-99f6-6df0a54c4393
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 1CC6 		0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D51%26userId%3D%5BUSER_ID%5D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
649778017
access-control-allow-origin
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
access-control-allow-credentials
true
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CC6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 29 Sep 2021 14:17:52 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CC6
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=99fec256b85ec766687ca3bd
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 1CC6 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CC6
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0804023d-2130-11ec-90d3-062f19f979bc
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0804023d-2130-11ec-90d3-062f19f979bc
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
content-length
0

Redirect headers

location
//e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=463cb130-4958-4b79-ad34-ffed1efc1873
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
um
cs.emxdgt.com/ Frame 2436 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 179A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame B4BB 		43 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
HAPLB5A=s56129|YVR1j
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5G=s578|YVR1k; path=/; domain=.go.sonobi.com; SameSite=None; secure
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 63E6 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
576
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Wed, 29 Sep 2021 14:17:52 GMT
etag
"450f-5c7a90520f640"
expires
Wed, 29 Sep 2021 14:32:52 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
247275844
content-length
5566
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B773 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES; KTPCACOOKIE=YES; SyncRTB3=1634083200%3A220; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^1^0; chkChromeAb67Sec=1; KADUSERCOOKIE=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=136789
expires
Fri, 01 Oct 2021 04:17:41 GMT
date
Wed, 29 Sep 2021 14:17:52 GMT
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5132 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42598
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
usync.js
eus.rubiconproject.com/ Frame 179A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42598
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
347894318
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
usync.html
eus.rubiconproject.com/ Frame C66B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad-cdn.technoratimedia.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4EC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES; SyncRTB3=1634083200%3A220; KADUSERCOOKIE=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91; PUBMDCID=3; KRTBCOOKIE_699=22727-AACq707CqOsAADgqi1GVkg; PugT=1632925072; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=136789
expires
Fri, 01 Oct 2021 04:17:41 GMT
date
Wed, 29 Sep 2021 14:17:52 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 8474 		923 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
48374dc4cd8df81ea351c02a7f3309ac099f8757c12bcbc80d7ce72a4e390cd4

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; pd=v2|1632925071|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; Version=1; Expires=Thu, 29-Sep-2022 14:17:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632925071.1|kiiymOgevNomgunsn0gi.j8gmmWjofcsHqGgqsLiS; Version=1; Expires=Thu, 14-Oct-2021 14:17:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 29 Sep 2021 14:17:52 GMT
content-type
text/html
content-length
539
content-encoding
gzip
via
1.1 google
alt-svc
clear
/
cdn.districtm.io/ids/ Frame 378B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/?sellerid=101769
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/?sellerid=101769
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6965d665fd52edf7-CDG
ps
pixel.33across.com/ Frame FF09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 29 Sep 2021 14:17:51 GMT
/
onetag-sys.com/usync/ Frame E184 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=572a470226457b8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
technorati
sync.1rx.io/usersync2/ Frame FD1D 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/technorati
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
services
sync.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
939465091
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1c2929c9-acaa-4dcd-a5a6-68850e71f424
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
963977763
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1600
date
Wed, 29 Sep 2021 14:17:52 GMT
content-length
185
content-type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame FD1D
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.159.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-159-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Sep 2021 14:17:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame FD1D
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.159.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-159-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Sep 2021 14:17:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0854aadc-2...
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
736764341
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
65
Connection
keep-alive
Content-Length
0
syn
match.prod.bidr.io/cookie-sync/ Frame FD1D 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/syn
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.6.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
20
strict-transport-security
max-age=2592000; includeSubDomains
content-type
text/plain
rtb-h
match.taboola.com/sg/synacor-ssp-network/1/ Frame FD1D
Redirect Chain
  • https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1
  • https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

x-vcl-time-ms
8
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1632925072.299102,VS0,VE8
x-cache
MISS
location
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA
services
sync.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4737501243
  • https://sync.1rx.io/usersync/tradedesk/993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
  • https://sync.targeting.unrulymedia.com/csync/RX-95834b00-5507-423d-85d0-525e2eac571b-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-95834b00-5507-423d-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
773751897
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
date
Wed, 29 Sep 2021 14:17:52 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX95834b005507423d85d0525e2eac571b003
content-type
text/html
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
479852794
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
date
Wed, 29 Sep 2021 14:17:52 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
304070914
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Connection
keep-alive
Content-Length
0
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1245386
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
286
Expires
Wed, 29 Sep 2021 14:17:52 GMT
services
uat-net.technoratimedia.com/ Frame FD1D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=BZQ4vk3EKqFe&pid=83
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&uid=BZQ4vk3EKqFe&pid=83
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
664521414
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://uat-net.technoratimedia.com/services?srv=cs&uid=BZQ4vk3EKqFe&pid=83
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7cfb485474-bj5sl
expires
-1
usersync
match.bnmla.com/ Frame FD1D 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
technorati
sync.1rx.io/usersync2/ Frame 63E6 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/technorati
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1474727
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
usync.html
eus.rubiconproject.com/ Frame 94E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad-cdn.technoratimedia.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; ses2=173188^1; vis2=173188^1; ses15=173188^1; vis15=173188^1; khaos=KU5LFACW-M-LTP0; ses57=; vis57=173188^1; audit=1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40018-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Date
Wed, 29 Sep 2021 14:17:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1CA 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156344&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
cookie
KCCH=YES; SyncRTB3=1634083200%3A220; KADUSERCOOKIE=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91; PUBMDCID=3; KRTBCOOKIE_699=22727-AACq707CqOsAADgqi1GVkg; PugT=1632925072; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=136789
expires
Fri, 01 Oct 2021 04:17:41 GMT
date
Wed, 29 Sep 2021 14:17:52 GMT
vary
Accept-Encoding
services
sync.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=$UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
871040771
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c6b0f2c7-59b1-48b5-a53e-9fe475aaaa4e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F54F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
021503a2526ae2eb6fb96689c7e4edb950a21735f80d83312f58bd007b5b8ee2

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; pd=v2|1632925071.1|kiiymOgevNomgunsn0gi.j8gmmWjofcsHqGgqsLiS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067; Version=1; Expires=Thu, 29-Sep-2022 14:17:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632925071.1|kiiymOgevNomgunsn0gi.fogSj8w0gmmWvStujofcsHqGgqvtmuvQsLiSsfrF; Version=1; Expires=Thu, 14-Oct-2021 14:17:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 29 Sep 2021 14:17:52 GMT
content-type
text/html
content-length
708
content-encoding
gzip
via
1.1 google
alt-svc
clear
/
cdn.districtm.io/ids/ Frame 9DCF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/?sellerid=101769
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/?sellerid=101769
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6965d6660d56edf7-CDG
ps
pixel.33across.com/ Frame 504E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 29 Sep 2021 14:17:51 GMT
services
sync.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
827634547
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1507
date
Wed, 29 Sep 2021 14:17:51 GMT
content-length
185
content-type
text/html; charset=utf-8
sync
sync.bfmio.com/ Frame 63E6
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.159.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-159-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Sep 2021 14:17:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 63E6
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=163
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.159.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-159-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Sep 2021 14:17:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8725&redir=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D72%26uid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0855d711-2...
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
664521408
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=72&uid=0855d6bf-2130-11ec-8cee-12b1ce320406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
syn
match.prod.bidr.io/cookie-sync/ Frame 63E6 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/syn
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.6.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
20
strict-transport-security
max-age=2592000; includeSubDomains
content-type
text/plain
rtb-h
match.taboola.com/sg/synacor-ssp-network/1/ Frame 63E6
Redirect Chain
  • https://trc.taboola.com/sg/synacor-ssp-network/1/rtb-h/?taboola_hm=1
  • https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=13b7ad33-f325-41f6-ad7c-6bb125a750f5-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=13b7ad33-f325-41f6-ad7c-6bb125a750f5-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

x-vcl-time-ms
9
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1632925072.299286,VS0,VE9
x-cache
MISS
location
https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=13b7ad33-f325-41f6-ad7c-6bb125a750f5-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19139-FRA
services
sync.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1915205376
  • https://sync.1rx.io/usersync/tradedesk/993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
  • https://sync.targeting.unrulymedia.com/csync/RX-95834b00-5507-423d-85d0-525e2eac571b-003?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-95834b00-5507-423d-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1022900375
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-95834b00-5507-423d-85d0-525e2eac571b-003
date
Wed, 29 Sep 2021 14:17:52 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX95834b005507423d85d0525e2eac571b003
content-type
text/html
/
onetag-sys.com/usync/ Frame B6A0 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=572a470226457b8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad-cdn.technoratimedia.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
206601962
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=79&uid=efc9d6c7-c98b-4afb-ac37-0c4a63827086
date
Wed, 29 Sep 2021 14:17:52 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
206601960
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-IQilnnNE2uGw9bK3eowY6FoQWs0Coii1~A
Connection
keep-alive
Content-Length
0
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fuat-net.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1245388
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=82&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
286
Expires
Wed, 29 Sep 2021 14:17:52 GMT
services
uat-net.technoratimedia.com/ Frame 63E6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?rurl=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs&pid=83&uid=%%VGUID%%
  • https://uat-net.technoratimedia.com/services?srv=cs&uid=oxFpF5Hduprb&pid=83
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&uid=oxFpF5Hduprb&pid=83
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
864466263
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://uat-net.technoratimedia.com/services?srv=cs&uid=oxFpF5Hduprb&pid=83
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7cfb485474-dm4ph
expires
-1
usersync
match.bnmla.com/ Frame 63E6 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000237&redir=https%3A%2F%2Fuat-net.technoratimedia.com/services?srv=cs%26pid=84%26uid=%5BUUID%5D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 8474 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=ebe6b206-a88e-0d5e-1355-e45e2fc3daef
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
844313560
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sd
us-u.openx.net/w/1.0/ Frame 8474
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=284AAB351A614177ABCF2F6B46093D1F
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=284AAB351A614177ABCF2F6B46093D1F
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 29 Sep 2021 14:17:52 GMT
x-content-type-options
nosniff
server
openresty
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=284AAB351A614177ABCF2F6B46093D1F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Sep 2021 14:17:52 GMT
c.html
j.mrpdata.net/ Frame 8474
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.251.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-251-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_4_f@j4mrpdatanet
Connection
keep-alive
x-deviceid
cce4099e-64f3-ff59-f91a-d468ffd96439
Content-Length
0
current
openx2-match.dotomi.com/match/bounce/ Frame 8474 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 8474
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 8474 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=9c0b3348-9868-0f07-2b8b-7c081a56a733
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.90.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-90-9.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 8474
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YVR1kAAFR0sQjgA6
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVR1kAAFR0sQjgA6&_test=YVR1kAAFR0sQjgA6
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVR1kAAFR0sQjgA6&_test=YVR1kAAFR0sQjgA6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632925073.587385,VS0,VE0
x-served-by
cache-hhn4081-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YVR1kAAFR0sQjgA6&_test=YVR1kAAFR0sQjgA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 8474
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=v74UkLGk9SvVS6qbVl9UXkD5&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4c07acbd1bf9d1ad7ca10a8ed41d0f3a&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3Dv74UkLGk9SvVS6qbVl9UXkD5
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=v74UkLGk9SvVS6qbVl9UXkD5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=v74UkLGk9SvVS6qbVl9UXkD5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=v74UkLGk9SvVS6qbVl9UXkD5
date
Wed, 29 Sep 2021 14:17:52 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 8474
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4543652095938154487&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4543652095938154487&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4543652095938154487&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 8474
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Cdx3hGZfjEOf4baJyDresw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
6pt3pfrpmhkpj3rlmvfqha9b7aq3keno

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
424d9bfc-5f75-a724-4842-eccbe4742940
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8474 		43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/424d9bfc-5f75-a724-4842-eccbe4742940?gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C66B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42598
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
usync.js
eus.rubiconproject.com/ Frame 94E9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 14:17:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42598
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9355
Expires
Thu, 30 Sep 2021 02:07:50 GMT
services
sync.technoratimedia.com/ Frame F54F 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=ebe6b206-a88e-0d5e-1355-e45e2fc3daef
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
684792083
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
45bcedda-b46c-0706-2978-a3d6bd9ba875
sync.1rx.io/usersync/openx/ Frame F54F 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/45bcedda-b46c-0706-2978-a3d6bd9ba875
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
sd
us-u.openx.net/w/1.0/ Frame F54F
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=2159827874134407060
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=2159827874134407060
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=2159827874134407060
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame F54F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=1c750af2-9f44-0c68-0902-db38e44de53d
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=1c750af2-9f44-0c68-0902-db38e44de53d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 28 Sep 2021 14:17:52 GMT

Redirect headers

date
Wed, 29 Sep 2021 14:17:52 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=1c750af2-9f44-0c68-0902-db38e44de53d
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
pixel.advertising.com/ups/58294/ Frame F54F 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=f84e7e31-17b3-0f24-2ab2-3b348c801060
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame F54F 		0
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=ba642378-256d-0f60-3e29-4c986392db5b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame F54F
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=63f0a785-2954-0e37-08e7-c5421266243f
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=63f0a785-2954-0e37-08e7-c5421266243f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 29 Sep 2021 14:17:52 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

date
Wed, 29 Sep 2021 14:17:52 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=63f0a785-2954-0e37-08e7-c5421266243f
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
openx
tr.blismedia.com/v1/api/sync/ Frame F54F 		0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame F54F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZHW4KF5G3GMP3YJDV2EY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D3G7W1SX272S2WATYYXM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=8e5c81c5-d373-8e97-b99b-78a973102fe9&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F54F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=089a7685-2130-11ec-8e3f-0f1e794564a3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=089a7685-2130-11ec-8e3f-0f1e794564a3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=089a7685-2130-11ec-8e3f-0f1e794564a3
Date
Wed, 29 Sep 2021 14:17:52 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
089a7686-2130-11ec-8e3f-0f1e794564a3
sd
eu-u.openx.net/w/1.0/ Frame F54F
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=05030002_6154759079bd7&knw=0
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=05030002_6154759079bd7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=05030002_6154759079bd7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 29 Sep 2021 14:17:52 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=05030002_6154759079bd7
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
sync.php
pixel.rubiconproject.com/exchange/ Frame A8C7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame CE13
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVR1kAAFSLgQyQA6
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVR1kAAFSLgQyQA6&_test=YVR1kAAFSLgQyQA6
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVR1kAAFSLgQyQA6&_test=YVR1kAAFSLgQyQA6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632925073.598189,VS0,VE0
x-served-by
cache-hhn4081-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVR1kAAFSLgQyQA6&_test=YVR1kAAFSLgQyQA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame CE13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjNiYTBmM2NhNmNkNGExMWVmNWZkZDkyM2IwOGI0MDY0NWFiOTdlYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjNiYTBmM2NhNmNkNGExMWVmNWZkZDkyM2IwOGI0MDY0NWFiOTdlYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjNiYTBmM2NhNmNkNGExMWVmNWZkZDkyM2IwOGI0MDY0NWFiOTdlYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame CE13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU5LFACW-M-LTP0&sigv=1&esig=2~85af4fa6f027e8cbe149eb7ad2de6ba6373627a2
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU5LFACW-M-LTP0&sigv=1&esig=2~85af4fa6f027e8cbe149eb7ad2de6ba6373627a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU5LFACW-M-LTP0&sigv=1&esig=2~85af4fa6f027e8cbe149eb7ad2de6ba6373627a2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CE13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_Vc8LBjhx2v9KaRD4f5bY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_Vc8LBjhx2v9KaRD4f5bY&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF_Vc8LBjhx2v9KaRD4f5bY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CE13
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iXIxF2F8C0_2PCgD13dayA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=315406040289097347
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=315406040289097347
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Wed, 29 Sep 2021 14:17:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=315406040289097347
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame CE13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame CE13 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame CE13 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
chunk-3.a5567a56807692dc8b54.1632774487207.js
khak.com/public/dist/desktop/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-3.a5567a56807692dc8b54.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7F81) / Express
Resource Hash
fd759f318c05aa27016761ec693c5f4905f5ecbb1befa4bb3c3338d9d583a0d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-3.a5567a56807692dc8b54.1632774487207.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . c82c3f97-54b0-4f65-bd6c-d5c0acaaccc8; _pbjs_userid_consent_data=3524755945110770; _pubcid=2e1260c4-2e91-45de-a36b-203ee8328d55; cto_bidid=gvnoVF9XUDRDNmd0Qm8yQk1lcjNFJTJGY0dyNm9mWHozVjlFWFFKY080Q1NZd1dVVGdTQTdiZ2NtR2dCZk4lMkYwaGk0UGVKTm9xTW1mME5zSXZOJTJCS3d2ZnJnYSUyQjNBJTNEJTNE; cto_bundle=qzXOOV85aUg5SGY4dnZrbDJETHg3VExkVzFlaGJaUk5lOTdiQnFEUHNDTE5xOVd2dUdvVTFRZ1hwTkY3MThEamh0OWplOWFxWEQ0bSUyQm1FSHVHM3JRWEJqOHBvb0NUS05oTkhtR0xvdWk1OUZjbTRmVUVGMWNad1dRVmk5c20yZCUyRlR4Rms
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:52 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58617
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7504
last-modified
Mon, 27 Sep 2021 21:56:47 GMT
server
ECS (dcb/7F81)
etag
W/"7323-17c2942accf"
x-frame-options
SAMEORIGIN
x-varnish
238050198
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:51 GMT
chunk-7.08a141b3724d35ab813c.1632774487207.js
khak.com/public/dist/desktop/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khak.com/public/dist/desktop/chunk-7.08a141b3724d35ab813c.1632774487207.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (dcb/7EED) / Express
Resource Hash
de68eb9cecb3376c5cb1d9cc0f54ed974a8d08e231f3e4c6f7287905ff70ca56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/public/dist/desktop/chunk-7.08a141b3724d35ab813c.1632774487207.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . c82c3f97-54b0-4f65-bd6c-d5c0acaaccc8; _pbjs_userid_consent_data=3524755945110770; _pubcid=2e1260c4-2e91-45de-a36b-203ee8328d55; cto_bidid=gvnoVF9XUDRDNmd0Qm8yQk1lcjNFJTJGY0dyNm9mWHozVjlFWFFKY080Q1NZd1dVVGdTQTdiZ2NtR2dCZk4lMkYwaGk0UGVKTm9xTW1mME5zSXZOJTJCS3d2ZnJnYSUyQjNBJTNEJTNE; cto_bundle=qzXOOV85aUg5SGY4dnZrbDJETHg3VExkVzFlaGJaUk5lOTdiQnFEUHNDTE5xOVd2dUdvVTFRZ1hwTkY3MThEamh0OWplOWFxWEQ0bSUyQm1FSHVHM3JRWEJqOHBvb0NUS05oTkhtR0xvdWk1OUZjbTRmVUVGMWNad1dRVmk5c20yZCUyRlR4Rms; usprivacy=1---
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
B
date
Wed, 29 Sep 2021 14:17:52 GMT
content-encoding
gzip
vary
Accept-Encoding
age
58616
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1833
last-modified
Mon, 27 Sep 2021 21:56:28 GMT
server
ECS (dcb/7EED)
etag
W/"118b-17c2942620d"
x-frame-options
SAMEORIGIN
x-varnish
238050211
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 29 Sep 2021 14:17:51 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 5132 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif
cogitoergosum
khak.com/rest/high/api/ 		22 B
86 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://khak.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.163.47 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://khak.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9; connect.sid=s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988; _ga=GA1.2.270426361.1632925067; _gid=GA1.2.270461768.1632925067; _gat_primary=1; _gat_UA191097531=1; _gat_UA456758041=1; _gat_UA288258042=1; _gat_UA452600602=1; _fbp=fb.1.1632925067866.1956037673; blingblocksession=1; _gat_UA1150030077=1; cmp-data=. . c82c3f97-54b0-4f65-bd6c-d5c0acaaccc8; _pbjs_userid_consent_data=3524755945110770; _pubcid=2e1260c4-2e91-45de-a36b-203ee8328d55; cto_bidid=gvnoVF9XUDRDNmd0Qm8yQk1lcjNFJTJGY0dyNm9mWHozVjlFWFFKY080Q1NZd1dVVGdTQTdiZ2NtR2dCZk4lMkYwaGk0UGVKTm9xTW1mME5zSXZOJTJCS3d2ZnJnYSUyQjNBJTNEJTNE; cto_bundle=qzXOOV85aUg5SGY4dnZrbDJETHg3VExkVzFlaGJaUk5lOTdiQnFEUHNDTE5xOVd2dUdvVTFRZ1hwTkY3MThEamh0OWplOWFxWEQ0bSUyQm1FSHVHM3JRWEJqOHBvb0NUS05oTkhtR0xvdWk1OUZjbTRmVUVGMWNad1dRVmk5c20yZCUyRlR4Rms; usprivacy=1---; newsletter-overlay-notspam=completed-newsletter
content-length
120
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
khak.com
referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:17:52 GMT
etag
W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server
nginx
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
vary
Accept-Encoding
content-length
22
expires
Wed, 29 Sep 2021 14:17:51 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 7A69 		0
141 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a65b3623805%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.8/plugins/like.php?action=like&app_id=279066220340679&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17a65b3623805%26domain%3Dkhak.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkhak.com%252Ff3ea14f224cdd8c%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://khak.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
uB4w6oudwxrZ3qNEmcoAp4ReYj0L5W4KHahwA9Q3HRgic2WHRg1vDik0IHmnvQkWverVkrAWYyPnEPObsUbKjA==
content-length
0
date
Wed, 29 Sep 2021 14:17:52 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=3&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&dp=%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45675804-3&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1831985272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60017
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=3&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&dp=%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=270426361.1632925067&tid=UA-19109753-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=275868875
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60017
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=3&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&dp=%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45675804-1&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=676148141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60017
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=3&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&dp=%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=270426361.1632925067&tid=UA-28825804-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1090367696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60017
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1590736317&t=event&_s=3&dl=https%3A%2F%2Fkhak.com%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&dp=%2Fiowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison%2F&ul=en-us&de=UTF-8&dt=Iowa%20Woman%20Who%20Stole%20Big%20Money%20From%20Church%20Headed%20to%20Fed.%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAG~&jid=&gjid=&cid=270426361.1632925067&tid=UA-45260060-2&_gid=270461768.1632925067&_av=2.4.1&_au=20&did=i5iSjo&z=1945061954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:37:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60017
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logosmall.png
townsquare.media/site/675/files/2017/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/675/files/2017/01/logosmall.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D4D) / Express
Resource Hash
89c3a0127da2dc19e725842fb7fc64af2d67dc5905ff5931e677488e008bf3e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-abgroup
A
date
Wed, 29 Sep 2021 14:17:52 GMT
via
1.1 varnish
age
26159228
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
8903
last-modified
Thu, 12 Sep 2019 19:04:51 GMT
server
ECS (lcy/1D4D)
x-varnish
2654772616 2644663545
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/png
expires
Wed, 29 Sep 2021 14:17:51 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C66B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ Frame 7C7E 		0
0
725.json
id5-sync.com/g/v2/ Frame 7C7E 		213 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/725.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.166 , France, ASN16276 (OVH, FR),
Reverse DNS
p10.id5-sync.com
Software
/
Resource Hash
2e9ffbe89c555c24669b8901df8b1387a7509cb4303cdc33079cceaa18f15b13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://khak.com
Date
Wed, 29 Sep 2021 14:17:46 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 7C7E 		0
0
id
id.crwdcntrl.net/ Frame 7C7E 		154 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
76a2a8bb6202c6f9f4d50963857730dc3c4c31dcd6b635fa0c2696dadd2aceb8

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 14:17:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://khak.com
cache-control
no-cache
x-server
10.45.13.29
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
id
id.sharedid.org/ Frame 7C7E 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.247.33 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://khak.com
pragma
no-cache
date
Wed, 29 Sep 2021 14:17:53 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
rid
match.adsrvr.org/track/ Frame 7C7E 		108 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
841e86a0efc77212d6f95123ce4bbc36ada4043315e5e55d0efd27975ae5c201

Request headers

Referer
https://khak.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Sep 2021 14:17:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://khak.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 29 Oct 2021 14:17:53 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C342 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60964287&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPNTJeEPNTJeEAXADAENBuCgAAAAAH_AAAAAAAAQbAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRNYAMDgp2VgEeoIWACE1ARgRAgxBRgwCAAQSAJCIgJACwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgKkWiglsrAEoO9jTCEMt8CKBR_RUYCNZogWBkJCwcxwBICXiwAAA.YAAAAAAAAAAA&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:53 GMT
content-length
0
verizon_video
prebid.a-mo.net/setuid/ Frame 7C7E
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=58676dc1-ceb8-43c4-9d0b-955623b85ac3
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=58676dc1-ceb8-43c4-9d0b-955623b85ac3&apid=UP0804023d-2130-11ec-90d3-062f19f979bc
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP0804023d-2130-11ec-90d3-062f19f979bc&gdpr=0&gdpr_consent=
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP0804023d-2130-11ec-90d3-062f19f979bc&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Wed, 29 Sep 2021 14:17:54 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP0804023d-2130-11ec-90d3-062f19f979bc&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/ Frame 7C7E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=sovrn&uid=99fec256b85ec766687ca3bd
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=sovrn&uid=99fec256b85ec766687ca3bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Wed, 29 Sep 2021 14:17:54 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=sovrn&uid=99fec256b85ec766687ca3bd
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 7C7E
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=pubmatic&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=pubmatic&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=pubmatic&uid=FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 7C7E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=index_rtb&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=index_rtb&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=index_rtb&uid=YVR1jwDC4aiWdcgMp4DnZgAA%261149
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Wed, 29 Sep 2021 14:17:55 GMT
setuid
prebid.a-mo.net/ Frame 7C7E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D58676dc1-ceb8-43c4-9d0b-955623b85ac3%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=appnexus&uid=5961959193077058021
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=appnexus&uid=5961959193077058021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://khak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:17:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 14:17:54 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
be98efe9-88a5-4ea4-bd83-c3e2db242cad
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=58676dc1-ceb8-43c4-9d0b-955623b85ac3&D=&bidder=appnexus&uid=5961959193077058021
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=26

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforexrselect boolean| originAgentCluster object| TSM object| taskQ function| ga object| globalDimensionData object| dataLayer function| __tcfapi function| cmpFactory function| __cmp function| __uspapi object| cnvr_launcher_options object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD function| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr function| fbq function| _fbq object| ZERG object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __INITIAL_STATE__ object| gaDevIds object| webpackChunkgroundcontrol function| bootAd object| Audit object| gapi object| ___jsl object| conversant object| headertag object| ggeac object| google_js_reporting_queue object| __twttrll object| __twttr object| FB object| core boolean| apstagLOADED object| webpackChunkexpressblog object| regeneratorRuntime object| bidLog function| initCarbon function| fbAsyncInit function| onYtEvent number| AD_REFRESH_FREQUENCY object| cQ object| __s object| instgrm object| JSON3 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cmpConfig function| setImmediate function| clearImmediate object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ object| AirTV function| startAirTVManager function| atvTwoView number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ object| hindsight object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| hindsight_loaded object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| json6535699 object| google_tag_manager object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| udm_ object| _comscore object| COMSCORE object| PublisherCommonId object| ADAGIO object| _ADAGIO

153 Cookies

Domain/Path Name / Value
khak.com/rest/carbon/filter/main/george-kittle-said-that-he-attended-tight-end-university Name: gdpr-source
Value: DE
khak.com/rest/carbon/filter/main/popular-iowa-license-plate-facing-production-delays Name: gdpr-source
Value: DE
khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison Name: gdpr-source
Value: DE
khak.com/rest/carbon/api/nowplaying/playertype Name: gdpr-source
Value: DE
khak.com/rest/carbon/api/gallery Name: gdpr-source
Value: DE
khak.com/public/assets/img/nav Name: gdpr-source
Value: DE
khak.com/public/dist/desktop Name: gdpr-source
Value: DE
khak.com/internal-ad-api Name: gdpr-source
Value: DE
khak.com/styles/desktop Name: gdpr-source
Value: DE
khak.com/rest/high/api Name: gdpr-source
Value: DE
.3lift.com/sync Name: sync
Value: CgoIgQIQgfKsj8MvCgoI4gEQgfKsj8MvCgoI5gEQgfKsj8MvCgoIhwIQgfKsj8MvCgkICRCB8qyPwy8KCQg6EIHyrI_DLwoJCAsQgfKsj8MvCgoIjAIQgfKsj8MvCgoIzgEQgfKsj8MvCgkIXxCB8qyPwy8=
khak.com/ Name: abgroup
Value: B
khak.com/ Name: cogitoergosum
Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI5IFNlcCAyMDIxIDE0OjE3OjQ3IEdNVCJ9
khak.com/ Name: connect.sid
Value: s%3AO791mJumUvHIUasucna7TXogvYmudatb.AFeLtQieZkVfcMfq0kNbyoKF1izYEkUWhdA1jWEU988
.google.com/ Name: NID
Value: 511=kRjy2J9NU8sfbsHEMoghdbVKFvEhIHPr3VyHVOD7YnDpoprv54guV6tc2RThJbZuPXUEIz_efE3ezakSuHqKt84SvQl6IXWSjvJH1Esr3y8SchMpcQdKizwoIuUf_ocxXxGlsW1P3o1UAX3QylaWfQ_rDs3OEnV9nOo5_0uQw6w
.khak.com/ Name: _ga
Value: GA1.2.270426361.1632925067
.khak.com/ Name: _gid
Value: GA1.2.270461768.1632925067
.khak.com/ Name: _gat_primary
Value: 1
.khak.com/ Name: _gat_UA191097531
Value: 1
.khak.com/ Name: _gat_UA456758041
Value: 1
.khak.com/ Name: _gat_UA288258042
Value: 1
.khak.com/ Name: _gat_UA452600602
Value: 1
.adsrvr.org/ Name: TDID
Value: 993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
.khak.com/ Name: _fbp
Value: fb.1.1632925067866.1956037673
.kargo.com/ Name: ktcid
Value: 17790e50-7387-0cb9-1e10-5fc2028c9f6c
.openx.net/ Name: i
Value: 0526c2e1-665e-0a9a-2343-32d67f04d7f4|1632925067
khak.com/ Name: blingblocksession
Value: 1
.khak.com/ Name: _gat_UA1150030077
Value: 1
.adnxs.com/ Name: uuid2
Value: 5961959193077058021
.go.sonobi.com/ Name: HAPLB5A
Value: s56129|YVR1j
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlOnWsGgPSzMzbSBXScxyMVEV9DEglCT4J8HaSS7SQ9hHAEFbu5P2gf-HgK6aFWoQBU
.gumgum.com/ Name: vst
Value: e_092d243b-a206-4a91-8a6f-2dd094444973
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/ Name: ses2
Value: 173188^1
.rubiconproject.com/ Name: vis2
Value: 173188^1
.rubiconproject.com/ Name: ses15
Value: 173188^1
.rubiconproject.com/ Name: vis15
Value: 173188^1
.rubiconproject.com/ Name: khaos
Value: KU5LFACW-M-LTP0
.rubiconproject.com/ Name: ses57
Value:
.rubiconproject.com/ Name: vis57
Value: 173188^1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoOy0TTl/QxIEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lnB3RSpJcaPk0TAqrg4P1ivgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
.youtube.com/ Name: YSC
Value: 0zQnJGMLDcA
.khak.com/ Name: cmp-data
Value: . . c82c3f97-54b0-4f65-bd6c-d5c0acaaccc8
.zergnet.com/ Name: seen_crc
Value: %5B1981349824%2C2319218623%2C3338673337%2C3567935812%5D
khak.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.khak.com/ Name: _pubcid
Value: 2e1260c4-2e91-45de-a36b-203ee8328d55
.adnxs.com/ Name: icu
Value: ChgInIc_EAoYASABKAEwj-vRigY4AUABSAEKGAig3mwQChgBIAEoATCM69GKBjgBQAFIARCP69GKBhgB
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.3lift.com/ Name: tluid
Value: 6319926599683135819
.media.net/ Name: gdpr_status
Value: 1
.id5-sync.com/ Name: id5
Value: ff2a1a56-bc6f-4e3e-886a-23521e489825#1632925066061#2
.ads.pubmatic.com/ Name: KCCH
Value: YES
.360yield.com/ Name: tuuid
Value: efc9d6c7-c98b-4afb-ac37-0c4a63827086
.360yield.com/ Name: tuuid_lu
Value: 1632925071
.bidswitch.net/ Name: c
Value: 1632925071
.bidswitch.net/ Name: tuuid_lu
Value: 1632925071
.bidswitch.net/ Name: tuuid
Value: 463cb130-4958-4b79-ad34-ffed1efc1873
.doubleclick.net/ Name: IDE
Value: AHWqTUn8oKBMsU_umWS6QM66L0BeHHQYLV9Sr18gQ5SyxLCh1MImjdpW5p9Z6mTjXzo
prebid.a-mo.net/ Name: __amc
Value: 1_1632925071_1632925071
.a-mo.net/ Name: amuid2
Value: 58676dc1-ceb8-43c4-9d0b-955623b85ac3
.britepool.com/ Name: _temp_bpid_
Value: 6bb0720c-20f7-49f5-8fe9-c50f75f382a2
.advertising.com/ Name: APID
Value: UP0804023d-2130-11ec-90d3-062f19f979bc
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: QDKCbHSQ1MvAp95
.quantserve.com/ Name: d
Value: EIABDAGuJIqsMA
.quantserve.com/ Name: mc
Value: 6154758f-d0312-3920b-926e1
.mathtag.com/ Name: uuid
Value: 7f006154-758f-4c00-974d-aa5f04d88538
.w55c.net/ Name: matchopenx
Value: 5
.adform.net/ Name: uid
Value: 8196793949875099847
.360yield.com/ Name: um
Value: !79,bNboSUADWHQ6dR3KrJwaRSLfvVoarZMtTpjE5jTMCcwM4oq2H7WXu34IhHjHNtG8e3gdVaeBuQqLJfAB,1640701071!313,bNboSVPbpgpc5SmJVNz-ILrA6LZ5MzDgZDzS8i0SYSYL2feYqiDCHP-71KVdYZ55t3-fP9lKbZRzGb6X,1640701071
.360yield.com/ Name: umeh
Value: !79,0,1695133071,-1!313,0,1695133071,-1
khak.com/ Name: cto_bidid
Value: gvnoVF9XUDRDNmd0Qm8yQk1lcjNFJTJGY0dyNm9mWHozVjlFWFFKY080Q1NZd1dVVGdTQTdiZ2NtR2dCZk4lMkYwaGk0UGVKTm9xTW1mME5zSXZOJTJCS3d2ZnJnYSUyQjNBJTNEJTNE
.turn.com/ Name: uid
Value: 4543652095938154487
khak.com/ Name: cto_bundle
Value: qzXOOV85aUg5SGY4dnZrbDJETHg3VExkVzFlaGJaUk5lOTdiQnFEUHNDTE5xOVd2dUdvVTFRZ1hwTkY3MThEamh0OWplOWFxWEQ0bSUyQm1FSHVHM3JRWEJqOHBvb0NUS05oTkhtR0xvdWk1OUZjbTRmVUVGMWNad1dRVmk5c20yZCUyRlR4Rms
.bing.com/ Name: MUID
Value: 2A0BF0A07F5D610D36A9E0617E8F607F
.pubmatic.com/ Name: SyncRTB3
Value: 1634083200%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
.yahoo.com/ Name: A3
Value: d=AQABBI91VGECEG2T6udKT_q05hn8PLzyO0QFEgEBAQHHVWFeYQAAAAAA_eMAAA&S=AQAAAi-6Vp2o407g3RZZo2D9d7E
.yahoo.com/ Name: APID
Value: UP0804023d-2130-11ec-90d3-062f19f979bc
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMPS
Value: 5224
.bidr.io/ Name: bito
Value: AACq707CqOsAADgqi1GVkg
.casalemedia.com/ Name: CMID
Value: YVR1jwDC4aiWdcgMp4DnZgAA
.yahoo.com/ Name: APIDTS
Value: 1632925072
.casalemedia.com/ Name: CMPRO
Value: 1149
.casalemedia.com/ Name: CMST
Value: YVR1kGFUdZAA
.smadex.com/ Name: smxtrack
Value: 1e328c9f-5de2-4e8b-99d7-7cd69cd2df84
.lijit.com/ Name: ljt_reader
Value: 99fec256b85ec766687ca3bd
.admanmedia.com/ Name: admtr
Value: 1c1b3378267234924905014e79105fd96fe389c3
.go.sonobi.com/ Name: HAPLB5G
Value: s578|YVR1k
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACq707CqOsAADgqi1GVkg
.pubmatic.com/ Name: PugT
Value: 1632925072
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
ads.avct.cloud/ Name: uuid
Value: 17cf5794-7a0e-4b13-b491-ace7c771cb7f
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z9~20oe:17ot~20oe:18yi~20oe"
.openx.net/ Name: pd
Value: v2|1632925071.1|kiiymOgevNomgunsn0gi.fogSj8w0gmmWvStujofcsHqGgqvtmuvQsLiSsfrF
.taboola.com/ Name: t_gid
Value: 78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10
.pubmatic.com/ Name: SPugT
Value: 1632925071
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2328:u=1:x=1:i=1632925072:t=1633011472:v=2:sig=AQFAnrW_GMi8RkKJ8XiA4HuCesRAYZLU"
.linkedin.com/ Name: bcookie
Value: "v=2&c9ce57e8-98a1-4a71-8c81-c7a13d2dcf83"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzI5MjUwNzI7MjswMjG116H8B/Aj/1QS9lvJGleYG3KwsOpcc7zbOpk7DPwTnQ==
.undertone.com/ Name: UID_EXT_39
Value: 9de79a9f-cf76-090e-1310-e5f9ec8fc45b
.spotxchange.com/ Name: audience
Value: 0855d6bf-2130-11ec-8cee-12b1ce320406
eus.rubiconproject.com/ Name: pux
Value: 2249%3D102950%262307%3D102950%262974%3D102950%263778%3D102950%262249-DV360-Hosted%3D102950%26brx%3D102950%26idl%3D102950%26a9us%3D102950%26
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-95834b00-5507-423d-85d0-525e2eac571b-003%22%7D
.mrpdata.net/ Name: U
Value: c970d5a4-6a60-de10-0217-a89713ec0d5f
.erne.co/ Name: u
Value: v74UkLGk9SvVS6qbVl9UXkD5
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.blismedia.com/ Name: b
Value: 6154759085937101199CBED0BLIS
.undertone.com/ Name: UID_EXT_53
Value: FD0F92AE-3143-4A7B-B6B3-0E5E2EF1CC91
.simpli.fi/ Name: suid
Value: 284AAB351A614177ABCF2F6B46093D1F
.dyntrk.com/ Name: dyn_u
Value: 05030002_6154759079bd7
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-95834b00-5507-423d-85d0-525e2eac571b-003%22%7D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0NjExMDcwMxDiM9QtytN1t8zw8LMMdk2X4jU0MzayNDI1MDcyNTQBAJdMTWY0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAANvFyGtoZmxkaWRqYG5kamgCAJoFqHAQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzE0NjExMDcwMxDiM9QtytN1t8zw8LMMdk0HAIpfDZklAAAA
.onaudience.com/ Name: cookie
Value: ec04c35e83aabda3
.onaudience.com/ Name: done_redirects104
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4e5dac365399615f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVR1kAAFSLgQyQA6
.yieldlab.net/ Name: id
Value: 3e744b21-b17d-4465-8405-5d09b0fb1c5f
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4c07acbd1bf9d1ad7ca10a8ed41d0f3a
.mediarithmics.com/ Name: mics_vid
Value: 21122580252
.mediarithmics.com/ Name: mics_uaid
Value: web:1:103257bf-7b51-4e80-a3ff-17577d537d19
.mediarithmics.com/ Name: mics_lts
Value: 1632925072698
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiw-Ov91NeBOhAFOAFaB3J3dXE5bnlgAg..
khak.com/ Name: usprivacy
Value: 1---
.id5-sync.com/ Name: 3pi
Value: 146#1632925066839#2004234525|18#1632925067208#-1225770898|19#1632925067275#1280636719#4c07acbd1bf9d1ad7ca10a8ed41d0f3a|916#1632925066342#266532942|441#1632925066098#48|124#1632925066393#266532942
khak.com/ Name: newsletter-overlay-notspam
Value: completed-newsletter
.ipredictive.com/ Name: cu
Value: 089a7685-2130-11ec-8e3f-0f1e794564a3|1632925072813
.bfmio.com/ Name: __106_cid
Value: 993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
.bfmio.com/ Name: __io_cid
Value: 993568eb-45a9-4f9c-8aa4-31b5ae3f68a5
.justpremium.com/ Name: jpxumaster
Value: um-b8e037df-13dd-4c01-9960-83a95ec5a0d2-1632925072
.justpremium.com/ Name: jpxumatched
Value: ox
khak.com/ Name: _lr_retry_request
Value: true
khak.com/ Name: _lr_env_src_ats
Value: false
khak.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22993568eb-45a9-4f9c-8aa4-31b5ae3f68a5%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-08-29T14%3A17%3A53%22%7D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEk2ME9MTkoxTEqzTDFMTDFPTjQ0SLRITTExTDFIM05kAILEkNKJIBoKAHnTC6E%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDCmdCKSgAAAVWwG8"
.khak.com/ Name: panoramaId_expiry
Value: 1633529873352
.khak.com/ Name: _cc_id
Value: 4c07acbd1bf9d1ad7ca10a8ed41d0f3a
.khak.com/ Name: panoramaId
Value: 6ccb2258f3b978752a329bf7bbaf16d5393803e5ecbb0e6d44f56fd8d38055f5

11 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=6bb0720c-20f7-49f5-8fe9-c50f75f382a2
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://match.prod.bidr.io/cookie-sync/syn
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://match.prod.bidr.io/cookie-sync/syn
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=13b7ad33-f325-41f6-ad7c-6bb125a750f5-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://match.taboola.com/sg/synacor-ssp-network/1/rtb-h?taboola_hm=1&tbid=78608f14-de77-4a26-b294-f30495b498a7-tuct84dfb10&query=taboola_hm%3D1&isDirect=0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOOM19qr-ZhmxWjFtM5zz6506H7o8ympRt0SE1Ug&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript error URL: https://khak.com/iowa-woman-who-stole-huge-money-from-church-headed-to-federal-prison/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://khak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=26
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.britepool.com/v1/britepool/id
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ads.pubmatic.com
ads.yahoo.com
ap.lijit.com
apex.go.sonobi.com
api.britepool.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
api.solutionshindsight.net
apis.google.com
as-sec.casalemedia.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn-sp-s3.air.tv
cdn.conversant.mgr.consensu.org
cdn.districtm.io
cdn.production.townsquareblogs.com
cdn.undertone.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
counts.air.tv
cs.admanmedia.com
cs.emxdgt.com
doi3unldljdx6.cloudfront.net.
dpm.demdex.net
e.serverbid.com
eb2.3lift.com
embed.air.tv
eu-u.openx.net
eus.rubiconproject.com
events.air.tv
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
go.sonobi.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
j.mrpdata.net
js-sec.indexww.com
khak.com
krk.kargo.com
match.adsrvr.org
match.bnmla.com
match.justpremium.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
native.sharethrough.com
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
px.britepool.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ssl.gstatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.serverbid.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
syndication.twitter.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
tr.blismedia.com
trc.taboola.com
uat-net.technoratimedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
www.zergnet.com
x.bidswitch.net
api.britepool.com
api.rlcdn.com
dpm.demdex.net
104.111.218.85
104.111.219.144
104.111.242.245
104.111.247.126
104.16.190.66
104.244.42.136
107.23.252.174
13.248.242.197
13.248.245.213
130.211.23.194
135.125.160.160
142.250.185.98
142.250.186.102
142.250.186.162
143.204.95.188
143.204.98.103
143.204.98.113
143.204.98.5
143.204.98.76
143.204.98.87
143.204.98.89
143.204.98.90
146.59.148.16
147.75.38.124
151.101.129.44
151.101.193.194
151.101.2.49
151.139.128.11
152.199.22.191
159.253.128.188
165.227.252.242
178.162.133.148
178.162.133.149
178.162.133.150
178.250.0.157
18.156.0.31
18.194.59.214
18.195.155.181
18.196.16.240
18.197.99.6
18.232.13.40
184.30.24.22
185.29.132.245
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.79
185.64.190.80
185.86.137.133
185.94.180.125
188.165.137.78
192.229.163.47
192.229.233.181
192.229.233.218
193.0.160.128
193.122.128.135
198.148.27.140
199.232.136.157
2.18.232.7
2001:678:cb4:bbbb::11
205.185.216.10
206.189.254.17
213.19.147.45
216.52.2.30
23.218.208.200
23.218.208.246
23.37.38.181
23.37.42.132
2600:9000:2156:8000:1f:2473:9080:93a1
2600:9000:2156:9000:7:7419:8e80:21
2602:803:c003:200::41
2606:4700:20::681a:346
2606:4700:20::ac43:4686
2606:4700::6812:a4f
2606:4700::6812:ea1
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2010
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200d
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9c
2a02:2638::1c
2a02:fa8:8806:16::1400
2a02:fa8:8806:20::2100
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a04:4e42:200::300
3.123.143.157
3.125.251.122
3.216.159.172
3.92.246.31
34.107.148.139
34.120.133.55
34.226.117.177
34.95.69.49
34.96.105.8
34.98.64.218
35.186.253.211
35.244.174.68
37.157.2.236
37.252.172.249
37.252.173.22
38.27.122.101
50.19.31.75
51.89.9.254
52.0.73.248
52.18.12.237
52.207.40.92
52.28.89.176
52.35.90.9
52.46.133.124
52.57.38.203
52.95.126.160
54.175.176.13
54.218.247.33
54.36.109.166
54.77.47.243
54.77.6.213
66.155.71.150
67.202.105.23
69.173.144.139
69.173.144.165
70.42.32.31
72.251.249.9
8.43.72.97
88.214.206.142
021503a2526ae2eb6fb96689c7e4edb950a21735f80d83312f58bd007b5b8ee2
038eac2c04bef0ace1857f3fed5650d6fe5bbdfa0fed4d61e0ac5dc10b3e98c7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056fd2b2c4cbd63cf403f2f8c9b6da4edf727034d1e2103c01b355cce62e32ad
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09a6d59f29991351a3146cbc0dfb7c6104ae603120337b7ec05da94c703493da
09ef7a0019eb719db622d9c66e9a57bf1dad7485f52a0fd767ce65920fa7041c
0ab0fd8aa0abaef0b7bcbb66ae93151f0d63a5da59faee11f779c850b0bcbb98
0ac91d4eb7e26b173e613220bd445c4f7dbebc5cb83464093620137fd19a5aaa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edbe7c0d896e731fe78d07b89e05afcf888259585c613585c333f2a5d86feb1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1466d5fe7d52afd201d4a50b7e63b679ce01cb4d07f4e6dd590ddf8921a3b46f
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
16c55383f3b9c3c5d1571105a923284df4d9670ba630518fdb34c2a57d1e33f5
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1ba558c1e4e766bcc8650bb3834b2aa70cf25bece6b2631ade75237545ea9d83
1da3e41227522fdef41fbe9cfbca17a3e7b62261f872ff9144ed544f7f4b76c5
20a7ff1c604a10b2ae48d6043797618159ea0e28498ca2fd6cdb38ff3e760b02
211da0b49cab8e83ebf2180802fbd4cf1baa054dc45f0393cd071a3cb17453c3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812
26a9abf3bada374ab0667bd1568e5d4d3850cc8c124069da2fb24053c5d17fc4
29dd1274b28750cf6d025630c818336edd5627117f541025592d1e1f5bfadec1
2e9ffbe89c555c24669b8901df8b1387a7509cb4303cdc33079cceaa18f15b13
30cf0171158ae16d268bff7a5ffced521797f5acb8fd20acd1f8373dbb9784f5
3132d6c477f47d70f4f730617efb8ede8f8d87d1ba58589d164fd72f2fb23b9b
31ddc8005048c873eafa8f51597e8cfd355981315a53023b6115977a2b0f8901
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3375ed547e5390a692e64c2e738f6c1d96b2f955ec44c201bb6bbd3db9e50284
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35ee2af70732b677a5a7aa374f5b65945dc08a8c52d6eca90ca7a9318b1af838
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3a3f5819108615c6271ef07789cf63fed1f002541ab4800eaf0547977b4ee0a3
3a5c33327e4165fbbf3af15d0fdd965ba0b0bf69f7b99afbcfe815ea5857fb48
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
412066e0bbed90e039b96695f47201f6c41ed6a80956eae271943e45f6b1a3e7
41c40ece877a31e345acb7059773b1e9b2e1427f7eb1124de959b483fbb6beac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ffbabd0626f423cf153120997c5cc18949134192d3cd7a0855a1114d77c734
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
48374dc4cd8df81ea351c02a7f3309ac099f8757c12bcbc80d7ce72a4e390cd4
48515b24887aaf3333a7c2622c894b543b120e170592668eaf8900cef7af79a8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4c60ccccd63bea190325ff843467cad588e52483e2088aae2230bb8f43f8d722
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f138875bd8b6071fa8a5946c4adeb6b38d5176e6f5d66b7221e77915ebd5d34
51fe4d2a530e53aa4d4c69e7e904bd3b26ecdb8daa8e238465e09a45d2aac6b9
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
5624a39478bf09a67d8558a64b09049cbb7e77804805902b0f1e3097380cd2dc
57dd5d643ec3f54de19fda106f50a561991b5bad1fe3364f5f19fbd61f3c6b2f
57ff9206d64e9a3961b7cafac991dbc54f475906fc1714d6f9986f1c060e5bd7
5abd63781c67c7977a98ef35f78b2f8650983af8231aa11df7e3691b26cc3314
5caa85f20199772d1b857c989ac751e590b9c3390fd6b136bdaf5e4941b0b2cf
5d9c07428d087ef02f70906af6210d2ef018ff21bee1eafe8c99c167e03e895e
5f2be5be66b2d34c57fa41f7dce8e5af7a230678238c4de5b4f05172803fe97b
5fdd74a6bf35c6a9f73b4633f8d724be52507d10a966c0391b9972c3aedee663
6048f85601991dc20490dedb38396246226e4ee55865776d45d878bc20a5b149
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
6334d8953c9b5a1ca9a5a2fe7ab7aba9369556d2cdf134514f22f307820dab8b
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e
68dbf81d8d2f6935cd076477f323bd71864c394b3e624f8023b7a11a6b320b83
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa89ea72065baa185e6f80cd45013bf3eb8dd0dd79f0f374ff1ade02bf91c22
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3
6f46c2b77f2d088d2acf6aca54a9e726b75bae179a3454b577ae5ca45d1fa2f9
709ca9109f90f86c97c470ee8b4632b818a97a9a9f7ed1617301dbeaafbf2b03
70c5f9bd1f73d51f8bc520ca989ef32dbd930d4e386544760f1a4c3239ae1ca1
713c304865c83ca9d1b08d908fe09a406d4e78d0dc4518b0de875a60c9da489e
71db61cfc23db0cdfbe79033690085414ea0a13dc07daf9d21079eef38f1db6c
76a2a8bb6202c6f9f4d50963857730dc3c4c31dcd6b635fa0c2696dadd2aceb8
795f1b7168b2c746f152051ba6f8b536b715674b934273a76e2d74431dbedf54
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7e2f6da99c8cb226f914a01233f48bb9bf05306a156e59bf068ad71e80350599
7e9f285b1fdf4faa48a857a94f87ce35cc737227e9e6bc079a8bff4ca418f9e7
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
82b98908cf2aeb94534f880c5dde49a454638e7486488f9a40f2e1cf825e61f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841e86a0efc77212d6f95123ce4bbc36ada4043315e5e55d0efd27975ae5c201
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f3e4e2ff395e89439c543b37f8ebb3bdca5b0dda9ae0b1b6779f3b93fa89f
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
89c3a0127da2dc19e725842fb7fc64af2d67dc5905ff5931e677488e008bf3e9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac0a280acb9c4dd3786ac82e7698f873bfa79b5ad5da771d269a55c28c4cf91
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07
8f49f077e772da0ccd0b88707b57e13e9c8c4bfad49241fe83a2e8f6a7dd5991
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90f5d5119025abe31c7085ff4e58f40f63bb1e8953f4655f83a225b5698ded1d
919009e570c40f9a6892224e41a8c3fd648842ee623f40fd0daea3e14ca5f9fe
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242
951d1d67fc27d626fd086cf4be4ad87399543d7cf621ce17568bd98bf7cbb81a
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98a7738bbf5185f09fedd0fb8dd19725b33377965f07b0839213ab22ccff9cc5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b813fd9d5969bb7b5e36b7335cb6903edbe418244659edf1d5bf77841aa6e04
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1da608ebf4c9e1e32844c5cdf955ba53c4c3c027e682d1c3413ccf5db28c2fb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25b4ba9537e0f026e6a6de89402cd59edce7be96e098800bac3ff441365c446
a2716b0f07a214cb2cc3f2d997227bf36e41c8603f4e51175da46d75be53e3e5
a697f946a062e1b8540f0062f5a36be5fd7d3681828a9d1652a593c7d57ead91
a6fa73feb3649cfada244243465bccf81c8277c078302115fd308ea3d324e22a
a791bcf385fbe57ffe4b63d652241bbaf72c2a4662e247ba129921d3c136202f
a96269545af317a8f33bafab25213a20307bbc8d2980e61444d7a1eef7dd4281
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aad41bc53de99fb3d652b661cb325e840efb5e13155b7e82a2080409143225ba
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
abf09d827ae79e23d056ddd8f76fbeef7c9d793e2531d1596fe3b08da141ee24
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b09ce18fe0a3839def8c8a602aad20d1854c56613f77790bb6a4762336857fcd
b19172c164f1eb30e0d576e36850e33e132fa87fcc4094d7c868ed80d831bf05
b30807190a785d2ffddebe2ca1eb1e951a089b6cedc0bd35d4c2c987ad7843db
b34cf12419968bdfafc1f80a20a261661afda90508d3fcaddd68d987cf9898b0
b4822ba57955b342e173ebd20137dae710d8c35dd991aa9fc89270552156e995
b7ba8520fee36ba898dfd9a2fcc351d8f8b5d411aed86f7c1a76325a03bcd56c
b93fb8b4e63849b6b1628fa80b9347d366817ae1d5b5ab63dcac21dcf7447e36
ba772a2e84f48f24229b50144e5a4f8b86b96842b108df11fe9acd2bf9c9c695
bad9e1d666c08d86b9be08eb93a8def15764abf6c4241a69c288d2759ea57fcc
bb0d2c5364626330ebd9fd27bf00305e85eb6f6be08828cc6c62aab0d3a45bd0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd9f422e93eb1cfdf948223882c12a8ba87ab2191ceffaf8689f0bd2b87d3cba
be41c772b9a33a5efef7c9e08cda5be2e322743509b8b84882eb7beae3a27424
beb92436ec50ec52d7af8938bf317470377c3a9e5d9e60d3819a50a950ab3d66
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c17c8581fd964382c123a9124d6b41b14c9c2ba97c8ad3cb6945d379524c51ef
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3db54b5b519e2b7cee057e6e1d91e905b72b4b8f8679d33fdda0d6b402933f2
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c83d91b1381b4c72877f0643addba9cad8b3246f8ab1e88efc7c36917dbeb6b3
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c945fd097c7ed6b99cee9e1178ebdd76da95890c48e9173e6797e72e4eb2ccf8
cb589fa4e0a2e4e3ee8c62236b66a6f5341c4375d7dd006d0267bef4a7b1dbab
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc4ff836c21915980e62cfa48b7b385a07d51e9997e9b15258c72b69d1c1ba0c
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce0f59b36912d2df4ae86190c916897c68cf1a52122b357383c62a9725a2b3b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2cc3aeb999342fc5460ffb13b57024197be03725b4ff48846fb27626bda58b9
d3e849b50146071e4927939805059df299b058dea347bdc586003127c9ee314b
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d8f10d0419469c68b491df9c323907d4eeab8fd9ffc2f7ad7774c83ae13f64de
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de68eb9cecb3376c5cb1d9cc0f54ed974a8d08e231f3e4c6f7287905ff70ca56
df0b617bb501fd9dc0af947773994d48da578860fb12d9bf857e97bb7da4934b
df64ba4e5bd01732f18db603a5062f2f2a63342ed8f89e632f902767a7ff1a07
e00d7613f44c4ea756afff330ffa942ee537a4d7bcfb11c26da4ceb2e372e399
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4110fa2efb406d2b15dfe0e0e8e753aeda305262057391b903fb9d7c014baf1
e5e78e313a317a211bfa3520f6a5c764e61624b862025c1435742a7cdf851e9a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e914e3e0c4c55acfcefa2979a861d8e46871b7318cf8cc5d11b6acf1283def35
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
edf3307794a7e8a1cfeb620942c5ab62e5752b40fba2de66daee508ecb95923c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
faed360cd61cdb6047a3a8b5418673bb518b54204098e67d2b2c973e0328bf89
fc76aaff8b2d583a755dda65d7748e73c615eb74eab17f92283c595758031f13
fcfd9df531e441dae38f5ec47108591b5685e7ab2611d97781b775a0baa6e09c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd759f318c05aa27016761ec693c5f4905f5ecbb1befa4bb3c3338d9d583a0d3
fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5
fe832f73065fb1f34ca8858cb50dac41ee761966bb3cce02767fb5e8082f336e
ff47a51b08edf0ca7ac7f9a68159719789ca6d97d6b2e93576f42d8a4ffaee32
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2