koel.com Open in urlscan Pro
192.229.233.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Submission: On December 02 via api (December 2nd 2022, 3:18:35 am UTC) from PL — Scanned from DE

Summary HTTP 517 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 100 IPs in 12 countries across 78 domains to perform 517 HTTP transactions. The main IP is 192.229.233.217, located in Saint Joseph, United States and belongs to EDGECAST, US. The main domain is koel.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 11th 2022. Valid for: a year.

This is the only time koel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	192.229.233.217 192.229.233.217	15133 (EDGECAST) (EDGECAST)
13	192.229.233.181 192.229.233.181	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7a00:7:7419:8e80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:340... 2a02:26f0:3400:1af::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	184.24.171.130 184.24.171.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:8c00:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
26	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
19	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
15 31	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.111.247.126 104.111.247.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	18.66.112.8 18.66.112.8	16509 (AMAZON-02) (AMAZON-02)
6	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
5	3.124.118.151 3.124.118.151	16509 (AMAZON-02) (AMAZON-02)
7	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
5	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	69.166.1.15 69.166.1.15	27630 (AS-XFERNET) (AS-XFERNET)
5	18.66.97.14 18.66.97.14	16509 (AMAZON-02) (AMAZON-02)
15	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
10 17	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	46.51.133.171 46.51.133.171	16509 (AMAZON-02) (AMAZON-02)
5	52.28.133.153 52.28.133.153	16509 (AMAZON-02) (AMAZON-02)
8	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
5	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
3	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:16ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	18.235.165.126 18.235.165.126	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::2010	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21f... 2600:9000:21f3:3e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
13	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:9000:21f... 2600:9000:21f3:a200:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
5	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
5	13.225.78.68 13.225.78.68	16509 (AMAZON-02) (AMAZON-02)
5 17	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
5	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
5	54.77.113.16 54.77.113.16	16509 (AMAZON-02) (AMAZON-02)
10	13.32.99.45 13.32.99.45	16509 (AMAZON-02) (AMAZON-02)
30 30	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
18	13.225.78.55 13.225.78.55	16509 (AMAZON-02) (AMAZON-02)
6 14	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 10	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
5	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
5	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 10	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
5	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
16 18	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5 10	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
4 24	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 4	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:d29... 2a05:d018:d29:3601:a6b1:a514:8d07:4a	16509 (AMAZON-02) (AMAZON-02)
2 2	54.171.40.8 54.171.40.8	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 7	52.30.42.211 52.30.42.211	16509 (AMAZON-02) (AMAZON-02)
1 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2	72.251.245.179 72.251.245.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
5 6	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
5 10	52.51.35.58 52.51.35.58	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
3	54.77.35.234 54.77.35.234	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638:1::13 2a02:2638:1::13	() ()
2	2600:1901:0:8... 2600:1901:0:8344::	() ()
4	178.250.2.146 178.250.2.146	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
517	100

29 192.229.233.217 (Saint Joseph, United States)

ASN15133 (EDGECAST, US)

koel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.181 (Saint Joseph, United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7a00:7:7419:8e80:21 (United States)

ASN16509 (AMAZON-02, US)

doi3unldljdx6.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.218 (Saint Joseph, United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3400:1af::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.171.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-171-130.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:8c00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.18.33.19 (None, ) 15 redirects

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.247.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-8.fra56.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.124.118.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

townsquaremedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.171.85 (Frankfurt am Main, Germany) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.51.133.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.133.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:16ea (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.235.165.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-165-126.compute-1.amazonaws.com

funes.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:3e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:a200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-68.fra2.r.cloudfront.net

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.203.77.3 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.77.113.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com

synchrobox.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.99.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-45.fra60.r.cloudfront.net

cdn.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery-cdn-cf.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 3.126.56.137 (Frankfurt am Main, Germany) 30 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.225.78.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-55.fra2.r.cloudfront.net

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 69.173.144.165 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 198.47.127.18 (United States) 5 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.86.139.114 (France) 5 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.130 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.46.151.131 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.80.92 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.151.213 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:a6b1:a514:8d07:4a (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.40.8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-8.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.30.42.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.3.28 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.51.35.58 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.35.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (None, ) 2 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (None, )

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	casalemedia.com 19 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1437 htlb.casalemedia.com — Cisco Umbrella Rank: 512 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496 dsum.casalemedia.com — Cisco Umbrella Rank: 1307	45 KB
38	pubmatic.com 5 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 479 ads.pubmatic.com — Cisco Umbrella Rank: 474 image8.pubmatic.com — Cisco Umbrella Rank: 594 image6.pubmatic.com — Cisco Umbrella Rank: 658 simage2.pubmatic.com — Cisco Umbrella Rank: 611 image2.pubmatic.com — Cisco Umbrella Rank: 815 image4.pubmatic.com — Cisco Umbrella Rank: 843	213 KB
38	rubiconproject.com 11 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 473 eus.rubiconproject.com — Cisco Umbrella Rank: 558 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 832 pixel.rubiconproject.com — Cisco Umbrella Rank: 292 token.rubiconproject.com — Cisco Umbrella Rank: 540	71 KB
34	doubleclick.net 16 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 73 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 ad.doubleclick.net — Cisco Umbrella Rank: 156 cm.g.doubleclick.net — Cisco Umbrella Rank: 194	447 KB
29	koel.com koel.com	243 KB
28	yahoo.com 26 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 434	5 KB
28	undertone.com hb.undertone.com — Cisco Umbrella Rank: 3577 cdn.undertone.com — Cisco Umbrella Rank: 6014 usr.undertone.com — Cisco Umbrella Rank: 3964	21 KB
27	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 877 sync.taboola.com — Cisco Umbrella Rank: 890 trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com	1 MB
25	adswizz.com 5 redirects synchrobox.adswizz.com — Cisco Umbrella Rank: 6845 cdn.adswizz.com — Cisco Umbrella Rank: 10392 synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2664 delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5024	105 KB
25	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3552 sync.serverbid.com — Cisco Umbrella Rank: 8511 x.serverbid.com — Cisco Umbrella Rank: 9338	12 KB
22	amazon-adsystem.com 8 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 533 s.amazon-adsystem.com — Cisco Umbrella Rank: 270 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 874	17 KB
20	openx.net townsquaremedia-d.openx.net — Cisco Umbrella Rank: 41834 u.openx.net — Cisco Umbrella Rank: 665 us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1403	3 KB
19	adnxs.com 12 redirects ib.adnxs.com — Cisco Umbrella Rank: 204 secure.adnxs.com — Cisco Umbrella Rank: 407	16 KB
19	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 307	6 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
13	townsquare.media townsquare.media — Cisco Umbrella Rank: 23300	1 MB
10	smartadserver.com 5 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1379	2 KB
10	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 544 eb2.3lift.com — Cisco Umbrella Rank: 333	3 KB
10	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1512 sync.go.sonobi.com — Cisco Umbrella Rank: 837	6 KB
10	media.net prebid.media.net — Cisco Umbrella Rank: 1209 contextual.media.net — Cisco Umbrella Rank: 532	41 KB
9	criteo.com 2 redirects dis.criteo.com — Cisco Umbrella Rank: 628 gum.criteo.com mug.criteo.com	3 KB
8	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 739	2 KB
7	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 190	6 KB
7	consensu.org cdn.conversant.mgr.consensu.org — Cisco Umbrella Rank: 38355 api.conversant.mgr.consensu.org — Cisco Umbrella Rank: 40177	204 KB
6	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 596	3 KB
6	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1390	6 KB
6	teads.tv a.teads.tv — Cisco Umbrella Rank: 1391	6 KB
6	gstatic.com fonts.gstatic.com	95 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 642	20 KB
5	lijit.com ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
5	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 581	955 B
5	advertising.com 5 redirects pixel.advertising.com — Cisco Umbrella Rank: 1246	2 KB
5	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2250	3 KB
5	solutionshindsight.net static.solutionshindsight.net — Cisco Umbrella Rank: 31938 funes.solutionshindsight.net — Cisco Umbrella Rank: 37089	33 KB
4	dyntrk.com 4 redirects gu.dyntrk.com — Cisco Umbrella Rank: 962	2 KB
4	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1611	153 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4715	22 KB
4	townsquareblogs.com cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 46028	103 KB
3	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 706 id.crwdcntrl.net — Cisco Umbrella Rank: 1445	888 B
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 442	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 447	2 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 985 api.btloader.com — Cisco Umbrella Rank: 1142	14 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108 web.facebook.com — Cisco Umbrella Rank: 233	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 732 syndication.twitter.com — Cisco Umbrella Rank: 1048	133 KB
3	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1280	39 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2538 log.pinterest.com — Cisco Umbrella Rank: 3450	19 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 7563 www.instagram.com — Cisco Umbrella Rank: 1229	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 storage.googleapis.com — Cisco Umbrella Rank: 383	23 KB
2	33across.com lexicon.33across.com	393 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4413	562 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1211	565 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 749	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 482	1 KB
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 629	996 B
2	brand-display.com 2 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1395	591 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547	631 B
2	ad4m.at ad4m.at — Cisco Umbrella Rank: 9460
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1143	1 KB
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 4726	406 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 5128	280 B
2	google.de www.google.de — Cisco Umbrella Rank: 6168	564 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 149	2 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1361	104 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	144 KB
1	linkedin.com px.ads.linkedin.com	705 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2615	551 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1387	524 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 559	309 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21724	269 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 720	757 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 707	425 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 20734	617 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 798	355 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	48 KB
1	cloudfront.net d3div1mtym39ic.cloudfront.net	39 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 182	27 KB
1	net. doi3unldljdx6.cloudfront.net.	43 KB
517	78

	Domain	Requested by
29	ssum-sec.casalemedia.com	15 redirects cdn.undertone.com js-sec.indexww.com ssum-sec.casalemedia.com
29	koel.com	koel.com doi3unldljdx6.cloudfront.net.
25	ups.analytics.yahoo.com	25 redirects
24	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com
19	match.adsrvr.org	js-sec.indexww.com cdn.undertone.com sync.serverbid.com ssum-sec.casalemedia.com ads.pubmatic.com
18	cm.g.doubleclick.net	16 redirects
18	usr.undertone.com	cdn.undertone.com ssum-sec.casalemedia.com
17	ib.adnxs.com	10 redirects cdn.production.townsquareblogs.com cdn.undertone.com
14	images.taboola.com
14	www.google-analytics.com	koel.com www.google-analytics.com
13	ads.pubmatic.com	koel.com doi3unldljdx6.cloudfront.net. sync.serverbid.com
13	townsquare.media	koel.com doi3unldljdx6.cloudfront.net.
12	eus.rubiconproject.com	doi3unldljdx6.cloudfront.net. eus.rubiconproject.com cdn.undertone.com
10	synchroscript.deliveryengine.adswizz.com	5 redirects cdn.adswizz.com
10	s.amazon-adsystem.com	5 redirects ssum-sec.casalemedia.com
10	sync.smartadserver.com	5 redirects sync.serverbid.com
10	x.serverbid.com	sync.serverbid.com
10	image8.pubmatic.com	5 redirects cdn.undertone.com
10	pixel.rubiconproject.com	2 redirects cdn.undertone.com
10	e.serverbid.com	cdn.production.townsquareblogs.com sync.serverbid.com
8	onetag-sys.com	cdn.production.townsquareblogs.com doi3unldljdx6.cloudfront.net.
8	securepubads.g.doubleclick.net	doi3unldljdx6.cloudfront.net. www.googletagservices.com koel.com securepubads.g.doubleclick.net
7	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com sync.serverbid.com
7	fastlane.rubiconproject.com	cdn.production.townsquareblogs.com
7	stats.g.doubleclick.net	www.google-analytics.com koel.com
7	cdn.taboola.com	koel.com doi3unldljdx6.cloudfront.net.
6	c1.adform.net	5 redirects ads.pubmatic.com
6	g2.gumgum.com	cdn.production.townsquareblogs.com
6	a.teads.tv	doi3unldljdx6.cloudfront.net. cdn.production.townsquareblogs.com
6	fonts.gstatic.com	fonts.googleapis.com
6	js-sec.indexww.com	koel.com doi3unldljdx6.cloudfront.net.
5	delivery-cdn-cf.adswizz.com	synchroscript.deliveryengine.adswizz.com
5	sync.go.sonobi.com	sync.serverbid.com
5	rtb.openx.net	sync.serverbid.com
5	ap.lijit.com	sync.serverbid.com
5	pixel-sync.sitescout.com	cdn.undertone.com
5	pixel.advertising.com	5 redirects
5	us-u.openx.net	cdn.undertone.com
5	secure-assets.rubiconproject.com	5 redirects
5	cdn.adswizz.com	sync.serverbid.com
5	synchrobox.adswizz.com	sync.serverbid.com
5	contextual.media.net	doi3unldljdx6.cloudfront.net.
5	u.openx.net	doi3unldljdx6.cloudfront.net.
5	sync.serverbid.com	doi3unldljdx6.cloudfront.net.
5	eb2.3lift.com	doi3unldljdx6.cloudfront.net.
5	cdn.undertone.com	doi3unldljdx6.cloudfront.net.
5	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
5	htlb.casalemedia.com	cdn.production.townsquareblogs.com
5	tlx.3lift.com	cdn.production.townsquareblogs.com
5	hbopenbid.pubmatic.com	cdn.production.townsquareblogs.com
5	townsquaremedia-d.openx.net	cdn.production.townsquareblogs.com
5	hb.undertone.com	cdn.production.townsquareblogs.com
5	apex.go.sonobi.com	cdn.production.townsquareblogs.com
5	prebid.media.net	cdn.production.townsquareblogs.com
5	krk.kargo.com	cdn.production.townsquareblogs.com
4	token.rubiconproject.com	4 redirects
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	gu.dyntrk.com	4 redirects
4	rumcdn.geoedge.be	koel.com
4	cdn.conversant.mgr.consensu.org	doi3unldljdx6.cloudfront.net. cdn.conversant.mgr.consensu.org
4	cdn.production.townsquareblogs.com	koel.com cdn.production.townsquareblogs.com
3	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
3	sync.mathtag.com	3 redirects
3	id5-sync.com	ads.pubmatic.com
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	static.solutionshindsight.net	doi3unldljdx6.cloudfront.net.
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
3	secure.cdn.fastclick.net	koel.com secure.cdn.fastclick.net doi3unldljdx6.cloudfront.net.
2	15.taboola.com	cdn.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	id.crwdcntrl.net	ads.pubmatic.com
2	lexicon.33across.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	cm.adgrx.com	ssum-sec.casalemedia.com
2	um.simpli.fi	1 redirects
2	match.prod.bidr.io	2 redirects
2	cms.quantserve.com	2 redirects
2	dmp.brand-display.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ad4m.at	ssum-sec.casalemedia.com
2	storage.googleapis.com	koel.com
2	funes.solutionshindsight.net	doi3unldljdx6.cloudfront.net.
2	api.btloader.com	doi3unldljdx6.cloudfront.net. btloader.com
2	ad-delivery.net
2	action.media6degrees.com
2	action.dstillery.com	2 redirects
2	web.facebook.com	doi3unldljdx6.cloudfront.net.
2	region1.analytics.google.com	koel.com
2	www.google.de	koel.com
2	sb.scorecardresearch.com	doi3unldljdx6.cloudfront.net.
2	i.clean.gg	doi3unldljdx6.cloudfront.net.
2	connect.facebook.net	koel.com doi3unldljdx6.cloudfront.net.
2	platform.twitter.com	koel.com doi3unldljdx6.cloudfront.net.
2	www.googletagmanager.com	koel.com doi3unldljdx6.cloudfront.net.
2	assets.pinterest.com	koel.com doi3unldljdx6.cloudfront.net.
2	www.instagram.com	1 redirects koel.com
1	vidstat.taboola.com	doi3unldljdx6.cloudfront.net.
1	px.ads.linkedin.com
1	sync.crwdcntrl.net
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.taboola.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	p.rfihub.com	1 redirects
1	ad.turn.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	log.pinterest.com
1	ad.doubleclick.net
1	btloader.com	doi3unldljdx6.cloudfront.net.
1	www.facebook.com	doi3unldljdx6.cloudfront.net.
1	as-sec.casalemedia.com	js-sec.indexww.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.com	koel.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	api.rlcdn.com	js-sec.indexww.com ads.pubmatic.com
1	pagead2.googlesyndication.com	doi3unldljdx6.cloudfront.net.
1	d3div1mtym39ic.cloudfront.net	koel.com
1	platform.instagram.com	1 redirects
1	apis.google.com	koel.com
1	www.googletagservices.com	koel.com
1	doi3unldljdx6.cloudfront.net.	koel.com
1	fonts.googleapis.com	koel.com
517	131

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.dictionary.com
www.apartmentlist.com
ipropertymanagement.com
www.youtube.com
www.biggestuscities.com
www.traveliowa.com
k923.fm
popup.taboola.com
rfvtgb.articlesvally.com
redirectsystems.com
lp.getshopsdeal.com
trk.go-aas.com
elitegadgetinsider.com
planet-tree.de
taongafarm.com
publicfiles.fcc.gov
www.townsquaremedia.com

Subject Issuer	Validity	Valid
www7.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-10-30`	a year	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-23` - `2023-10-30`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
cdn.conversant.mgr.consensu.org R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
solutionshindsight.net Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.undertone.com Amazon	`2022-09-03` - `2023-10-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.consumableaudio.com R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2022-05-12` - `2023-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-10-20` - `2023-01-18`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.adswizz.com Amazon	`2022-07-22` - `2023-08-20`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.deliveryengine.adswizz.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh

This page contains 79 frames:

Primary Page: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Frame ID: BCDE68684C147B979C71F2E7C2BE2D3F
Requests: 233 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: 4C9B7304023151A5C80F003E38625EA1
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fkoel.com
Frame ID: 73F18AAD27796D44413709467A746315
Requests: 2 HTTP requests in this frame

Frame: https://web.facebook.com/v2.8/plugins/like.php?action=like&app_id=211345320604558&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f342d450b052%26domain%3Dkoel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkoel.com%252Ff11cb4283ffd77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fam950koel&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 1DDA2557282270CD5F82FCB42D661E6B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4A45E358618939FFD42E20A30069CEB2
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1E8509819ACFF702C472EA0600ABD09F
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: A24EC1293EB6F64C71147B88B3383757
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 91A8589E511C80375AED5FF6EA1A10FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 7CF9C3D4FB38E922A9F85C59A5732799
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: FF78A478A29906DCB9E1A84AC06C9782
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FA9BD7455F5FF3BB80092E151AF54FB7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669951109935
Frame ID: 9C4189FFB90EAD0038F7761965231CAC
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: CB3DE1FA29420D41C240A44BF0076BF0
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9A60E57E4E4D06767F7832BFCAD73357
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E2A035E57AED2B5DBDCD5DB80D3C89AD
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 624ADDD00AB6F5E37524E33D1D22B201
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BA9DA8897BAB57B5403ACA407C5982A1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 02F57DBDE7DD05092E7AF406BE6D2D23
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B35B1A014DFCF5D672991BD1F88BFE0E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 132376FB960914C6F7436042C56C1264
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2DD550094F00BBF433DC8A7C04B2766F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A85E44DB0DC835C89A8207B86011227F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 5F2809DA6E5A0AC8702536DDF787ECF4
Requests: 9 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 32944FF8588F706D6884033620272284
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B39A2DBE9D977AC37F7EB0EDBEBE0E86
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: CE28CA2D9EF6EDAA39B366A3181EC735
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669951109925
Frame ID: AD2E6BBF8A230EA6FBDC817CD12F5E83
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 17C9C2BEFD80FF01DCCB4A6567EC46EA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 382898A4E3E52E379A7FA5D69D80B676
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 19B949C27AA6098C5CAC470590439A5E
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: BFAFF0EB2C71648B9934B56E5C551333
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: C05C943D28860100C98705939C037676
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 4E7328A770B1E8D314C58EF42D83564F
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8AAD13CBBD19F4D7FA11F47C74AE9EA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 16CBE3DE08C1D77EC18B88E470FFBD65
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7EDEA2D53BABC896F8CD681693761393
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 01A013186AA1E4AA2096E1A779542812
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B05557C9066A61774D43C31EFDB6B1E0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EEA9E48B45DA8DE047B80C93FB7A4729
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 2974A57E39EEEAF0B2ED7060F36D18AB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A48BB9486699723E8202F68DF01E848D
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 81623C723374A3D7C40273B2EF84184E
Requests: 12 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 0ABA026B45B6ED6D3124B91E26714588
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669951109927
Frame ID: 163ECBA92EB511613B3453DD7B7F00C4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: F1C1F4A6647703589A574E9CAB310143
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: CF72DECBE9A16F5DF97CACECA23E77DE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: BC4C1B338DFD73AC854DE9EECE0ABADB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 6DDC6BACD04F57E75DC57C19B4B69B25
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 26EDEB5861FA768CFF5D2FDFE2E6709A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: C0B2BF3ED6B89E668C4BFECACB12FCDF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 289F0F916C7F5DBCF39BD121DF3BA0B8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 926F7F2F2BF20BC4C173F6058EF855F6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 34D05770FFFEA42F1D5C2914EBA1A007
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 18485319475411BC3366B5FA4C587C85
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: E9257D84E55C8FA3A7480E147C949D00
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 7BCE0063CB58585CA0E7E08CF08F51C2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 64A882011EBE41A4F8383893483D5611
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 4F0BFBCDF63E9A4E6DEC90E1CABF33A1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 01B8950AAA29D873BA7BBE378EEDA3F2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CC4D29B3FA1F9393814DD3C7065BF344
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A7AE8A0651792ED994F2182B2E68B5CD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 94B481BB9A249B1DA35C4B5E50BA8BC3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 47A0804A55B7F43475B04A854B47CCC5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AB6B4923423A1160D6D8957C70FF4054
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 67E57278974FE10CB320C6862504E575
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 660639B2C33C25F3E05A23D87BC2AA2B
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: D8BF926FAAF80CB3BB2E35691C48084D
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: B3A232F18F88439752225E8D5BEC3479
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 7F973A6ACC7C7D724AE0719880BA663A
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=
Frame ID: 9934624A6757A2890A5FA3681B9493CC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&gdpr=0&gdpr_consent=
Frame ID: 2AD30E67E1D5172357AE43EF5CAA67CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8798324505300909231
Frame ID: 4BC8523C7058CA1091F2137AC36D17E0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D71F97869D4D7FA2BD3C50033DB01E61
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 4B86D3BC7AF83FCAA1A81B8189E44B00
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=701414362275006164&gdpr=0&gdpr_consent=
Frame ID: CC1FB3B8A7F8AA6A8EE45A6B9576CA92
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL
Frame ID: 803B67ECF85C515B541E2A591FAB81FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172385420552108171&gdpr=0&gdpr_consent=
Frame ID: 0459F52906472D75363C7209F2561E6C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C6A39A62E2C28AA5BCA24E5D911E7DFA
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v2.8/plugins/like.php?action=like&app_id=211345320604558&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4c1cc9a47128%26domain%3Dkoel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkoel.com%252Ff11cb4283ffd77%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 2A9D8A0FFF32D9A6B87480F25C7E6D81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Did You Know Squatters Can Claim Rights To Your Property In Iowa?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

517
Requests

81 %
HTTPS

32 %
IPv6

78
Domains

131
Subdomains

100
IPs

12
Countries

5152 kB
Transfer

13139 kB
Size

95
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/am950koel
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=http%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanew%2F%3Ftrackback%3Dfbshare_mobile
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?text=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F%20http%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanew%2F%3Ftrackback%3Dtwitter_mobile%20%40K923waterloo
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.dictionary.com/browse/squatter
Title: Dictionary

Search URL Search Domain Scan URL

URL: https://www.apartmentlist.com/rental-management/squatters-rights-evictions
Title: Apartment List

Search URL Search Domain Scan URL

URL: https://ipropertymanagement.com/laws/iowa-squatters-rights#:~:text=A%20squatter%20can%20claim%20rights,legal%20ownership%20of%20the%20property.
Title: Iowa Property Management

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=hQn89N0xlMw
Title: Kerri Mac

Search URL Search Domain Scan URL

URL: https://www.biggestuscities.com/city/elkport-iowa
Title: In the most recent U.S. census

Search URL Search Domain Scan URL

URL: https://www.traveliowa.com/cities/elkport-iowa/187/
Title: Turkey River.

Search URL Search Domain Scan URL

URL: https://k923.fm/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=townsquaremediatsm-koel&utm_medium=referral&utm_content=thumbnails-below:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://rfvtgb.articlesvally.com/worldwide/car-miles%20https:/cleverst.com/worldwide/car-miles?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-av-carmi-bc4-des-0w-ct-24112d&utm_term=townsquaremediatsm-koel&utm_bid=XBWGjEr0p4UOvDj6RRsMwtDdsLpCa1PpyOAkvQpemyk=&utmk=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDa10Yom9e3ybaIgP_HAQ
Title: Articles Vally

Search URL Search Domain Scan URL

URL: https://redirectsystems.com/?mk=aUjPMqR4nk&ci=22288130&ad_id=3586485002&ad_title=Wie+viel+kostet+eine+Wohnung+in+Dubai%3F+Der+Preis+k%C3%B6nnte+Sie+%C3%BCberraschen&cust_id=1476041&cust=townsquaremediatsm-koel&de=Desktop&timestamp=2022-12-02+03%3A18%3A34&source=2&ct=Dubai+Villa&mp=Open&ln=EN&pxtb[id]=1464673&pxtb[ec]=click_event&pxtb[cid]=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDhslkok4fk9_D8tw0#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDhslkok4fk9_D8tw0
Title: Dubai Villa | Sponsertéiert Linken

Search URL Search Domain Scan URL

URL: https://lp.getshopsdeal.com/en/products/razorx/advertorial?aff_id=71164&cop_id=rsuj89Sd&preload=%7Bpreload%7D&show_timer=0&reviews_off=1&exit=0&tpl=emc1&utm_source=taboola&utm_medium=referral&tblci=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CCS9ksov6De08_45ph8#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CCS9ksov6De08_45ph8
Title: RazorX

Search URL Search Domain Scan URL

URL: https://trk.go-aas.com/sea?offer=Hearing+Aids+PR&country=DE&campaign_id=20749125&campaign_item_id=3561183562&site=townsquaremediatsm-koel&site_id=1476041&title=Erschwingliche+H%C3%B6rger%C3%A4te+f%C3%BCr+Senioren+%28Hier+finden%29&click_id=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDnyloottyZj8OY9PzUAQ&network=taboola&account=happystory&tblci=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDnyloottyZj8OY9PzUAQ#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDnyloottyZj8OY9PzUAQ
Title: Hörgeräte | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://elitegadgetinsider.com/superscratch-pen-de-n/?utm_source=taboola&utm_medium=referral&tblci=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CD--lEotqz5j6KlnqvpAQ#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CD--lEotqz5j6KlnqvpAQ
Title: Elite Gadget Insider

Search URL Search Domain Scan URL

URL: https://planet-tree.de/?utm_source=taboola&utm_medium=referral&tblci=GiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CD6lFEoxJiNyJq3va6ZAQ#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CD6lFEoxJiNyJq3va6ZAQ
Title: Planet Tree

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=townsquaremediatsm-koel&utm_medium=referral&utm_content=thumbnails-rr:Right%20Rail%20Thumbnails:
Title: Sponsored Links

Search URL Search Domain Scan URL

URL: https://taongafarm.com/de/landings/gp/28?ref=W_150722_WW_Click_Video_DE&mng=VK&utm_source=taboola&utm_campaign=W_150722_WW_Click_Video_DE&utm_medium=display&cc=19917578&utm_term=1476041_townsquaremediatsm-koel&utm_content=3565684856#tblciGiBBOpRL6Z7GAp5HVzBLaHS1-gl6jB6ETyM2muyC3cZ98CDJpEcozqO71aLMorEJ
Title: Taonga: Die Inselfarm

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/am-profile/KOEL
Title: Public File

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/
Title: , Townsquare Media, Inc

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 18

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 174

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24

Request Chain 175

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

Request Chain 274

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 275

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 278

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

Request Chain 281

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1

Request Chain 283

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 287

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

Request Chain 289

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

Request Chain 290

https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 291

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

Request Chain 295

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

Request Chain 298

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1

Request Chain 300

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 301

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 302

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 304

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

Request Chain 306

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

Request Chain 307

https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 308

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

Request Chain 312

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

Request Chain 314

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

Request Chain 317

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1

Request Chain 319

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 320

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 321

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 323

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

Request Chain 325

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

Request Chain 326

https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 327

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

Request Chain 331

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

Request Chain 333

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

Request Chain 336

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1

Request Chain 338

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 339

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 340

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 341

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

Request Chain 343

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

Request Chain 346

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1

Request Chain 348

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 349

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 350

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 352

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

Request Chain 354

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

Request Chain 355

https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 356

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

Request Chain 361

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

Request Chain 363

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

Request Chain 364

https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

Request Chain 365

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBvPoxfuXbntwTgr37IaEjo&google_cver=1

Request Chain 379

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&dcc=t

Request Chain 381

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYbhGyw7ZBRGk6nb4EuchE&google_cver=1

Request Chain 382

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 384

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2a736389-6e8a-4d00-9477-ec38a71dfab0

Request Chain 385

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164

Request Chain 387

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKtBq0DvY2jYs_MKuqjdZvA&google_cver=1

Request Chain 388

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&dcc=t

Request Chain 389

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrQwMGcSSQcZJN_2desIL0&google_cver=1

Request Chain 391

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4luigAASP55PgAe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4luigAASP55PgAe&_test=Y4luigAASP55PgAe

Request Chain 392

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92ab3b02-957f-5459-d5dea714

Request Chain 394

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QGsaA0A9GltbaERbTm0PCkJqG15baUEJQ2p0e5Zt

Request Chain 397

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164

Request Chain 398

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZrE7HEt0AAB9nYrBnyw&expiration=1671160714

Request Chain 399

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2584608020424312419

Request Chain 400

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922768025980

Request Chain 401

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 402

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3c5ed155-988a-0b1c-75b8a696

Request Chain 403

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=805e73c5-cc5e-479f-816f-e5a6e7cf9d9d

Request Chain 405

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFVRRThmRsJQOeUzb8vhGg&google_cver=1

Request Chain 406

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKd95Ao9_-wk_lE8ImT9v38&google_cver=1

Request Chain 407

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&dcc=t

Request Chain 409

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219

Request Chain 410

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D22DEA17278644C7860BF5818CA5ED2F

Request Chain 411

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 414

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&dcc=t

Request Chain 416

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKLzaQ8Hy9C7ZGltuMpMtyI&google_cver=1

Request Chain 417

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkrDEYzH-GtQabXnFvl3NM&google_cver=1

Request Chain 418

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1522284163619371211&expiration=1671123342

Request Chain 419

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAA%265177 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=96a64b5b-a98f-497a-b448-977b3fd06b35-tucta82f40a

Request Chain 428

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Request Chain 430

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Request Chain 432

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Request Chain 434

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Request Chain 436

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Request Chain 438

https://c1.adform.net/serving/cookie/match?party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=

Request Chain 439

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&gdpr=0&gdpr_consent=

Request Chain 440

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8798324505300909231

Request Chain 442

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 443

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=701414362275006164&gdpr=0&gdpr_consent=

Request Chain 444

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL

Request Chain 445

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172385420552108171&gdpr=0&gdpr_consent=

Request Chain 446

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Igy_NS6LSWC9V1biU7_t5g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 447

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a736389-6e8a-4d00-9477-ec38a71dfab0

Request Chain 448

https://pixel.onaudience.com/?partner=214&mapped=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 449

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjIwQ0JGMzUtMkU4Qi00OTYwLUJENTctNTZFMjUzQkZFREU2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 450

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdBcErCzocUEvXKhCDig3Q&google_cver=1

Request Chain 452

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1522284163619371211

Request Chain 472

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=aFC7SXxHMXoxQjkyQm5QcFlRclFBL2JiV3d5Vm9ud3Y4Vm5EcEdySlhjaHhBTGx5RXBYUnVoVHViNmxDeXFocStNUElsbHlzZUZmbjM3Y0tzT3VsaTJSc21pMjlndHVCUm9KOWRLZ0JSMnBtK3UyRjZnYU9YSEJOeGJzT01JM2l1UnQxMDVXZ1BOYmRKQUVrMzYyeUdVRjlSOXJUOEJCaXFjTXhhTGhrdm5reHJ1V3crdWlDekpvYi9BemtIeXV6UHZjckg2b2QweGpIZFo2SC9HMWlFbldnQkZaRnlJOUNZdVdvOHlnMFJwMHFqUUpJPXw&cppv=2

Request Chain 479

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=scnDN3xjQVFMbVpodkpiUitmQ3lyTE5xQVZYbU83K1dNa3JlaUpDQmRyNlRKWkxxUUlENUlEV0VENzk0RkJLdGJ2S2RaRDZ3T3ZieEt5VGswRGNVWDVhRWZsTXRNT1BENXhsVjlpM0svb3l1SkljdWhzOGlLQnJWZDAzek1ZRnY1RklDcVBmNzZNbmtON2owcnZJSnJYcjE3ek1vbVh4S3RUSUM4OVN5b3JuRmttN21EbnhESU9NbTU1L3pMQ0dzYzNKSXlJRXJsT0x6b3JkVFVITzNwRW5tSjRmejBBUVhJRUJZZ000WFNiVzZ6STRJPXw&cppv=2

Request Chain 483

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECNEIecdz-POUloKDu-te_Y&google_cver=1

Request Chain 484

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1WFJVV1EtSC00WTBM

Request Chain 486

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7EcZT_t2S061zlkJY0G1oQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7EcZT_t2S061zlkJY0G1oQ

Request Chain 487

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5XRUWQ-H-4Y0L

Request Chain 488

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/4CuGU8w2wdrgRul-uV_BEw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XyQC3RBE2oLLycF0nWZRkNGMeAdDUBuYqfJ01w--~A

Request Chain 489

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NDk3N2VlNjZlNTY5NWIyNWU5MzUxMjM0NzI5OTI3YTQ2MThmYg

Request Chain 490

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qK87cqAiTnyI4yJp23FE9g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qK87cqAiTnyI4yJp23FE9g

517 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/ 165 KB
36 KB 607ms
525ms Document
text/html 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a6e0b2e4a05ac12fbe637a1fd60d56198bc68fe35fa123aa73ae4d66391d5c88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache
content-encoding: gzip
content-length: 36083
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:18:27 GMT
etag: W/"2938f-pYB+iTH3c3Lm/cIz9mfhBw"
expires: Fri, 02 Dec 2022 03:18:27 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: MISS
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 3453735951

GET
H2 200 base.css
koel.com/styles/desktop/ 534 KB
115 KB 8ms
6ms Stylesheet
text/css 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/styles/desktop/base.css?ver=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) / Express

Resource Hash

97b5ddba15c220a34050cb7364343eccd8f777e367a7f82c70c0d0c757c65543

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25313
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 117615
last-modified: Thu, 01 Dec 2022 20:16:35 GMT
server: ECS (frb/67F3)
etag: W/"856ab-kY1296sifF6Oen4MJyhv2g"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-varnish: 3448062121
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 main.bundle.7de44a93c6ab86b5f8800facee2078010e182b63.js Show response
townsquare.media/public/dist/desktop/ 912 KB
236 KB 553ms
8ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.7de44a93c6ab86b5f8800facee2078010e182b63.js?mver=85&gver=3

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) / Express

Resource Hash

6969686b1900f3ff1aab25321803efddfbaef84b9bf4bc6cece0c6f4a81054af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25313
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 241679
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/674D)
etag: W/"e417d-184cf51907f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062114
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 03:01:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:15:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 157
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 05:15:51 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 19ms
14ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 26606
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 20:41:47 GMT
server: ECS (frb/67D4)
etag: W/"119a-16d935b730e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2584710094 2581872839
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 script.js Show response
doi3unldljdx6.cloudfront.net./ 123 KB
43 KB 52ms
9ms Script
application/javascript 2600:9000:20eb:7a00:7:7419:8e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doi3unldljdx6.cloudfront.net./script.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7a00:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4baaf56ea553456befd3e5c2e76948d05b59e4b9b5e5d9cc6f2421db575654d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: GQjQ_gMibh6QQvpRmWGTzZW.rIPcI7EI
content-encoding: gzip
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
date: Fri, 02 Dec 2022 03:17:56 GMT
last-modified: Fri, 02 Dec 2022 00:20:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 37
etag: W/"b539101e8611783393a99e0403a6b1dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: VUjwXSDtgrC7vcu8xftX39pyBNtjIJYyDhIyrcYtRHZXCVinRIAsDw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 141ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16448684a959c3d49f6e67c1ae86b1345c604fbd31810b6b6536c36f31744393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27425
x-xss-protection: 0
server: sffe
etag: "1409 / 723 of 1000 / last-modified: 1669935944"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 88ms
37ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 03:01:13 GMT
server: cloudflare
age: 955
etag: W/"763288-930b-5eecf8ce7a328"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7730ea5d4f909b43-FRA
expires: Fri, 02 Dec 2022 07:18:28 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 345 KB
102 KB 494ms
19ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63D8) / Express

Resource Hash

92d8ecf50a6bd997acb54e1997479a043f57939a32ee821c96714917fb5edf64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 24750
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 103633
last-modified: Thu, 01 Dec 2022 21:38:14 GMT
server: ECS (lhb/63D8)
etag: W/"56461-rMmoiFmdykUyhGQiVS+6eQ"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-varnish: 3448226926, 2583419263 2582387454
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:18:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20982
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "0053a8bd2046ac7c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

8ms
7ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 06:29:37 GMT
content-encoding: br
x-fb-trip-id: 1679558926
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843

Redirect headers

date: Fri, 02 Dec 2022 03:18:28 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 311ms
13ms Script
application/javascript 2a02:26f0:3400:1af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400:1af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=296
accept-ranges: bytes
content-length: 203

GET
H2 200 attachment-256.png
townsquare.media/site/672/files/2022/01/ 71 KB
71 KB 17ms
14ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/672/files/2022/01/attachment-256.png

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

eb132cb9077cdc99ef30312a2946e6131ee5372c680f76a6a7c1e9513b77bb53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 varnish
age: 26544957
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 72483
last-modified: Fri, 28 Jan 2022 21:32:27 GMT
server: ECS (frb/6738)
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-varnish: 2156440322 2155502344
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 attachment-Untitled-design-2022-12-01T105615.981.jpg
townsquare.media/site/726/files/2022/12/ 69 KB
69 KB 246ms
243ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/726/files/2022/12/attachment-Untitled-design-2022-12-01T105615.981.jpg?w=980&q=75

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

b6d46331610533acd60153b27aaa675a37556d01336a58f4ba0e4aa8fac4813d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 varnish
age: 0
x-powered-by: Express
x-cache: MISS
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 70645
last-modified: Thu, 01 Dec 2022 17:49:37 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 3453736181
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

POST
H2 200 cogitoergosum Show response
koel.com/rest/high/api/ 128 B
495 B 318ms
318ms XHR
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/high/api/cogitoergosum

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8699655a7eeb9694ed2476f0d14a0be2d2142af9f4b1a018dd15ff37df8da95a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
server: nginx
etag: W/"80-MboqhgpWe7yh4x5uYQZ6FWFiLuI"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
content-length: 128
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
69 KB 136ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0f16cb9e16fb9cc23fb9be02dd29c5bf86a6db77920a098e82dfd3fbb2a4223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70272
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 cmp.bundle.js Show response
townsquare.media/public/resources/js/ 185 KB
46 KB 17ms
14ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/cmp.bundle.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) / Express

Resource Hash

9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 66642
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 46582
last-modified: Mon, 26 Oct 2020 18:28:52 GMT
server: ECS (frb/67C2)
etag: W/"2e534-175662b91b7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3438549544
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 48ms
7ms Script
application/javascript 184.24.171.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.171.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-171-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Fri, 02 Dec 2022 03:33:28 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
39 KB

47ms
8ms

Script
application/javascript

2600:9000:2240:8c00:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Server: 2600:9000:2240:8c00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:36:37 GMT
content-encoding: br
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 2512
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: r9zEWPU5GaHdIeYw9Q8NqMMpxCNMwjNildEtv8OhCtraqqrBHMmNKg==

Redirect headers

date: Fri, 02 Dec 2022 00:42:28 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 9360
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: cN4jxJghBhQb2oV3x6AcKLDG79OEhDXqpNUbzqrJ0HKYFbOR9RoJ0A==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 63ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:18:28 GMT
Content-Encoding: gzip
Age: 1360
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29221
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67D3)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 42ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58c4b6b5d478269b18ee94c5e0276774210f13472059e206f72bcf8c4c338df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:18:28 GMT
content-md5: QFqZD0RGnhlr2JexQZhEGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: f0RaAGkAKPSiTepbHbuJHbjWkiQUfgWEZTvL69LgqYbHLqpTIFgFZeEFeZ0kBLGHgxOI8qSzDcNSQSbMAMuQ7w==
x-fb-trip-id: 917726464
x-fb-content-md5: 95fffa352d4e12d7068819e6e081f354
cross-origin-opener-policy: same-origin-allow-popups
etag: "7c68365e87fc6608db548057d47b5737"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 02 Dec 2022 03:38:03 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/townsquaremediatsm-network/ 100 KB
26 KB 34ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c9a106900cb07c24aa2cbec407adefaf904ae3e9ef780d1bbf8a839f1182dcb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: sCkzH3h52pLCFLvrUP1BON2bCuNpXuNV
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Dec 2022 03:18:28 GMT
x-amz-request-id: C3FM326KQ4TZB51P
age: 9898
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
content-length: 26430
x-amz-id-2: OK48EQYJz3fYDxyVOYqocRcvi3bWIxro8VBLLkT7VT1u+oBG6oXp5SXboO6fq/8wdVC5nasM6/M=
x-served-by: cache-hhn4063-HHN
last-modified: Thu, 01 Dec 2022 17:49:25 UTC
server: nginx
x-timer: S1669951109.756678,VS0,VE1
etag: "90a332b7e3c93e51be221abe915202d95502e9df"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 13
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
cdn.production.townsquareblogs.com/aleph/ Frame 4C9B 2 KB
859 B 10ms
9ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.townsquareblogs.com/aleph/
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) / Express
Resource Hash: e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 291
cache-control: no-cache
content-encoding: gzip
content-length: 708
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:28 GMT
etag: W/"7dd-17eb77f3028"
expires: Fri, 02 Dec 2022 03:18:27 GMT
gdpr-source: DE
last-modified: Tue, 01 Feb 2022 22:54:33 GMT
server: ECS (frb/675D)
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: A
x-cache: HIT
x-powered-by: Express
x-varnish: 2587860233 2587827611

GET
H2 200 koelam.jpg
townsquare.media/site/672/files/2018/08/ 140 KB
140 KB 8ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/672/files/2018/08/koelam.jpg

Requested by

Host: koel.com
URL: https://koel.com/styles/desktop/base.css?ver=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) / Express

Resource Hash

ed8c4b630b6e0ccf63c9efe8196887b9b9a9d044fa9aa665ff476d551203ba26

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 varnish
age: 29247020
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 143359
last-modified: Mon, 30 Sep 2019 18:33:20 GMT
server: ECS (frb/67F3)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 1697038251
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 123ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:10:42 GMT
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 03:10:42 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 131ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 274118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:09:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 162ms
75ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 239587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 08:45:21 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame 4C9B 128 B
453 B 107ms
105ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8699655a7eeb9694ed2476f0d14a0be2d2142af9f4b1a018dd15ff37df8da95a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
server: nginx
etag: W/"80-MboqhgpWe7yh4x5uYQZ6FWFiLuI"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
content-length: 128
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 107ms
88ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:08:12 GMT
x-content-type-options: nosniff
age: 18616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:08:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 81ms
81ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 297216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 10ms
9ms Script
application/javascript 184.24.171.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.171.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-171-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Fri, 02 Dec 2022 03:33:28 GMT

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame 4C9B 128 B
426 B 135ms
135ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8699655a7eeb9694ed2476f0d14a0be2d2142af9f4b1a018dd15ff37df8da95a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
server: nginx
etag: W/"80-MboqhgpWe7yh4x5uYQZ6FWFiLuI"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
content-length: 128
expires: Fri, 02 Dec 2022 03:18:27 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 123ms
122ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 196ms
120ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 02 Dec 2022 03:18:28 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 cogitoergosum Show response
koel.com/rest/high/api/ 128 B
338 B 102ms
101ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/high/api/cogitoergosum

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8699655a7eeb9694ed2476f0d14a0be2d2142af9f4b1a018dd15ff37df8da95a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
server: nginx
etag: W/"80-MboqhgpWe7yh4x5uYQZ6FWFiLuI"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
content-length: 128
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-5.5bb797fa2d805bd583e9.1669844686840.js Show response
koel.com/public/dist/chunks/ 6 KB
2 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-5.5bb797fa2d805bd583e9.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) / Express

Resource Hash

623e04d48a5730a68aad0409d00bffd06b4e6c98f0337e7b6c52aecbe4f2108d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25438
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2149
last-modified: Thu, 01 Dec 2022 20:12:18 GMT
server: ECS (frb/6711)
etag: W/"178a-184cf518a5e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062547 3448019826
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-20.f7841577ce3521f569b1.1669844686840.js Show response
koel.com/public/dist/chunks/ 806 B
908 B 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-20.f7841577ce3521f569b1.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) / Express

Resource Hash

2c9b7cd82ee07b56c7468ea4da3fa3982e6a9d28281bb2fc4b9cef0daa79f4ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 806
last-modified: Thu, 01 Dec 2022 20:12:18 GMT
server: ECS (frb/6752)
etag: W/"326-184cf518a5a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222633
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-34.0c9bac494d3cbc4bbcec.1669844686840.js Show response
koel.com/public/dist/chunks/ 40 KB
12 KB 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-34.0c9bac494d3cbc4bbcec.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

788c4d1663f471f4036b6ca8c132e7fccb78ef97d9b2b1d9ac909b1b6f3e6da4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 12012
last-modified: Thu, 01 Dec 2022 20:12:18 GMT
server: ECS (frb/67BE)
etag: W/"a09a-184cf518a5e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222636
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-14.f317d8bc4953e49303e7.1669844686840.js Show response
koel.com/public/dist/chunks/ 27 KB
8 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-14.f317d8bc4953e49303e7.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) / Express

Resource Hash

e1f520f35fa3cd5bbe582059aba561c5cafacbb8c6a42c0a60dc578a426f253d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25438
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7887
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/6712)
etag: W/"6ae3-184cf518eda"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222634 2582179452
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-51.4a70d0cfbab9bb27bd7e.1669844686840.js Show response
koel.com/public/dist/chunks/ 2 KB
910 B 8ms
8ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-51.4a70d0cfbab9bb27bd7e.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) / Express

Resource Hash

bfcda1422aa899411226679000458222f0828156bd66902fdaa8ce43bff0f739

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 806
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/6760)
etag: W/"663-184cf518f85"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222640
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 wo Show response
koel.com/rest/carbon/api/nowplaying/playertype/ 208 B
331 B 14ms
14ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/carbon/api/nowplaying/playertype/wo

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) / Express

Resource Hash

4e178410227f812d07f2941d8689e53121ac23494dfd4bf4b78da34122b81918

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
age: 81
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 208
last-modified: Fri, 02 Dec 2022 03:17:07 GMT
server: ECS (frb/6793)
etag: W/"d0-7kobKnyXNKWcAPpzf+dein61UGs"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-33.b3dc786da2d080b5fb3b.1669844686840.js Show response
koel.com/public/dist/chunks/ 15 KB
6 KB 13ms
13ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-33.b3dc786da2d080b5fb3b.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) / Express

Resource Hash

2f8955359ff3e9fa630501f9f8e154f601de58c9ebe96d54444434981d5c08ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 6358
last-modified: Thu, 01 Dec 2022 20:12:24 GMT
server: ECS (frb/67D5)
etag: W/"3c81-184cf51a3a1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062548
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-52.32a5ab21c0f47ce019cc.1669844686840.js Show response
koel.com/public/dist/chunks/ 1 KB
749 B 12ms
12ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-52.32a5ab21c0f47ce019cc.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) / Express

Resource Hash

4228ebf13a526790a7bac89a0c5fc85f1ec3765339920afcb1e9cd218b40fdb2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25438
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 650
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/673A)
etag: W/"5e1-184cf518f85"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062550 3448019837
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-30.3cdd23acc11e2ab38cb5.1669844686840.js Show response
koel.com/public/dist/chunks/ 5 KB
2 KB 18ms
16ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-30.3cdd23acc11e2ab38cb5.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) / Express

Resource Hash

9fdcb8bc3248e83f7ae7f498496d73dbbc2090c0b53641de78e24853ad99eb0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25438
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1954
last-modified: Thu, 01 Dec 2022 20:12:35 GMT
server: ECS (frb/669E)
etag: W/"141b-184cf51cb89"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062549 3448019870
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-3.42d608cc8fea5326b4b3.1669844686840.js Show response
koel.com/public/dist/chunks/ 26 KB
8 KB 13ms
13ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-3.42d608cc8fea5326b4b3.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) / Express

Resource Hash

5a71ff6f30cce8d57e299e3e235289e89b6b9c3e42e49107f60d6b86b87ee798

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 8353
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/6752)
etag: W/"695e-184cf518ede"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062551
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-48.badaadfee02b3bb929af.1669844686840.js Show response
koel.com/public/dist/chunks/ 4 KB
2 KB 14ms
13ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-48.badaadfee02b3bb929af.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) / Express

Resource Hash

68dfff6e312e5308fae0b15086e291f3c913b583ad25aabb19041695a821ffb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1433
last-modified: Thu, 01 Dec 2022 20:12:35 GMT
server: ECS (frb/6723)
etag: W/"f1c-184cf51cb89"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062555
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-19.80e5c2ea58d21dc38155.1669844686840.js Show response
koel.com/public/dist/chunks/ 65 KB
16 KB 12ms
12ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-19.80e5c2ea58d21dc38155.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) / Express

Resource Hash

da0392c604159f0bde97ecde7f2d7a309edc2c2063f650fbbc557e7f014225e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 16770
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/6760)
etag: W/"10557-184cf518e3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062552
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-15.087fcd49df0d13f10ecb.1669844686840.js Show response
koel.com/public/dist/chunks/ 5 KB
2 KB 13ms
12ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-15.087fcd49df0d13f10ecb.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) / Express

Resource Hash

d937b5d2e2c5ffb46e3d4453b85da75cfa1c698e52e9ae259864c0c5816fc5c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25437
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2020
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/67D4)
etag: W/"13d9-184cf518f81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062556 3448019928
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-18.d1ef0c9dc79331039e33.1669844686840.js Show response
koel.com/public/dist/chunks/ 64 KB
14 KB 12ms
12ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-18.d1ef0c9dc79331039e33.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) / Express

Resource Hash

3bd02c8355bf4681954e9557b2d412604dd918701e24c3c3d16c9ce4972015a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25312
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 14140
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/6795)
etag: W/"1014f-184cf518f81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222637
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-11.382183c7bf86287800a3.1669844686840.js Show response
koel.com/public/dist/chunks/ 967 B
1 KB 12ms
12ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-11.382183c7bf86287800a3.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668A) / Express

Resource Hash

eae40f31c3c6bdd9a23335b27d0266acdb2b9b3e60c20dc030526bd49f4aefb9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 varnish
age: 25437
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 967
last-modified: Thu, 01 Dec 2022 20:12:18 GMT
server: ECS (frb/668A)
etag: W/"3c7-184cf518a5a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222638 2582179560
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 chunk-12.114fb8ea181e01e93ded.1669844686840.js Show response
koel.com/public/dist/chunks/ 4 KB
2 KB 11ms
9ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-12.114fb8ea181e01e93ded.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

e58660e0ee36f712364a983e796bdd86418b73ff6a7a61b6e9b64401eaff2bc1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25437
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1495
last-modified: Thu, 01 Dec 2022 20:12:24 GMT
server: ECS (frb/67BC)
etag: W/"e03-184cf51a39d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448062554 3448019933
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 180ms
70ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54384978327d97a1fec11b9946df8a1f06668f87c80e5170a22c9840bbdb0356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49066
x-xss-protection: 0
server: cafe
etag: 17980940730014448349
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H2 200 / Show response
koel.com/internal-ad-api/ 1 KB
583 B 356ms
356ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/internal-ad-api/?kw[]=gglidden&kw[]=did-you-know-squatters-can-claim-rights-to-your-property-in-iowa&kw[]=articles&kw[]=oddities&kw[]=iowa-laws&kw[]=nl&kw[]=pagetype-post&kw[]=post-249069&kw[]=hasonair&kw[]=device-desktop

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx /

Resource Hash

66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 506
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-varnish: 3453736249 3453736231
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45670496-5&cid=891846839.1669951109&jid=515769686&gjid=113958392&_gid=1552451735.1669951109&_u=YGBAgAADAAAAAEg~&z=520269071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 50ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19109753-1&cid=891846839.1669951109&jid=1733688958&gjid=884067368&_gid=1552451735.1669951109&_u=YGDAgAADAAAAAEg~&z=1328600377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 47ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45670496-1&cid=891846839.1669951109&jid=599503822&gjid=1377942519&_gid=1552451735.1669951109&_u=YGDAgAADAAAAAEg~&z=161540080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 44ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28825804-3&cid=891846839.1669951109&jid=2040798998&gjid=32683016&_gid=1552451735.1669951109&_u=YGDAgAADAAAAAEg~&z=755745962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 41ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45260060-2&cid=891846839.1669951109&jid=224365858&gjid=1782739627&_gid=1552451735.1669951109&_u=YGDAgAADAAAAAEg~&z=269526844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 37ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-180756957-12&cid=891846839.1669951109&jid=1562511614&gjid=119221969&_gid=1552451735.1669951109&_u=YGDAgAADAAAAAEg~&z=1879895380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 118ms
38ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAADAAAAAAg~&jid=515769686&gjid=113958392&cid=891846839.1669951109&tid=UA-45670496-5&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=741723448

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 119ms
39ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAEg~&jid=1733688958&gjid=884067368&cid=891846839.1669951109&tid=UA-19109753-1&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=1849183486

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAEg~&jid=599503822&gjid=1377942519&cid=891846839.1669951109&tid=UA-45670496-1&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=582970657

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAEg~&jid=2040798998&gjid=32683016&cid=891846839.1669951109&tid=UA-28825804-3&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=1321925003

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAEg~&jid=224365858&gjid=1782739627&cid=891846839.1669951109&tid=UA-45260060-2&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=1021253435

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
41ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=pageview&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAEg~&jid=1562511614&gjid=119221969&cid=891846839.1669951109&tid=UA-180756957-12&_gid=1552451735.1669951109&_av=2.4.1&_au=20&cd1=gglidden&cd2=articles%2Coddities&cd3=iowa-laws%2Cnl%2Ck923-ixp&cd4=post&cd5=Thu%20Dec%2001%202022&cd6=12%3A52&cd7=standard&cd8=400&cd9=A&cd10=yes&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36&did=i5iSjo&z=456452700

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2110
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attachment-Gabe.jpg
townsquare.media/site/726/files/2022/05/ 16 KB
16 KB 8ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/726/files/2022/05/attachment-Gabe.jpg?w=300&q=75

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

f50beb7c3a025c1584c893b13e0a4ce1027a376b5866b767ec8a9c27325b434c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 16467926
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16403
last-modified: Wed, 25 May 2022 12:26:14 GMT
server: ECS (frb/67C1)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 335158650 331695225
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 attachment-danny-burke-ZlSoUC4ex0I-unsplash.jpg
townsquare.media/site/726/files/2022/12/ 409 KB
410 KB 20ms
19ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/726/files/2022/12/attachment-danny-burke-ZlSoUC4ex0I-unsplash.jpg?w=5184&h=3456&q=75

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/635C) / Express

Resource Hash

6cd9e43af4d28a3a580252ebf05a90dd04fd978c17aaef981a7b4c33325e38b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 30977
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 419130
last-modified: Thu, 01 Dec 2022 17:49:44 GMT
server: ECS (lhb/635C)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2580752674
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 114ms
32ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c6e5c945db43d0987ef6f5047bf051367a25b32267fa72419e54fc43a3f5b4ff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:29 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
355 B 115ms
38ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 23ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e45dcaae77d34cf94093b4560c98ddce

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6641dc91345abe14a72612b6906e73db091a0da27e2fb386b4906d1f1ba53387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://koel.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:18:29 GMT
content-md5: Jt9PBPxUbKI4uWQ5EQS/uQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86916
x-fb-rlafr: 0
x-fb-debug: vZojFAv/Qq2kv7vZ5zm4EmbQ1kdDpNQD015HLSEPTJQKxYy65dIINnYw/Ji5iST8fjWvzjcEOOkKKKTgK+lN2A==
x-fb-content-md5: 8e8bc1ca603c1b90454356ae254f5607
cross-origin-opener-policy: same-origin-allow-popups
etag: "30be103e528157e41f89bbe0ba65091f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Dec 2023 21:59:28 GMT

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 73F1 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fkoel.com
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 105161
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 03:18:29 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js Show response
cdn.taboola.com/libtrc/ 693 KB
144 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a27d58e86077350d08caebfd00c40c9860441daca50c68689d6c7e9ab944c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: h5XXFM_HTCopTym6ncF8EGuGnzMHZc4y
content-encoding: br
via: 1.1 varnish
date: Fri, 02 Dec 2022 03:18:29 GMT
x-amz-request-id: MSB5D516VTF4W8Y2
age: 7074
x-cache: HIT
content-length: 146900
x-amz-id-2: JSzIp4aB9HRCXgJBdzRKO7pYXLK3lesBE2z7JuAkIo9ujhxI3ACO7o47XKBaI8mj7AQOk32HD3o=
x-served-by: cache-hhn4063-HHN
last-modified: Tue, 29 Nov 2022 17:11:50 GMT
server: AmazonS3-br
x-timer: S1669951109.137542,VS0,VE0
etag: "75a2afa76493ab3444a59e719c240a91"
vary: Accept-Encoding
content-type: application/javascript
abp: 6
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 16

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 41ms
8ms Script
application/javascript 13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:45:35 GMT
content-encoding: gzip
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 48776
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: uUQTaW_1Gvrl_ebb7dpcfOi_dEgh4Q0x8uQMkMrW2x_oxb2dJ10AoA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 16ms
16ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=cloudinary_test_beacon_var
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: cache-hhn4063-HHN
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669951109.138637,VS0,VE0
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
593 B 103ms
102ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fkoel.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:28 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 248
x-amz-cf-id: IBJWEvBuJr9-JVu1TI7Uh51ZQ6XU3gN4Bi35oVuGPVgFKT_y0R3BBQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
11ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:19:22 GMT
x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 10748
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ZUdOp4MmJ3Cy7sydXldkAPhCZynmlVeiFdtIFrrWL6mRzPfJAJ_cWQ==

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 143ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 00:27:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 252 B
751 B 152ms
45ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koel.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3cdff91df1de14d267e28a2fb8a07e80fc51e2a1f17624601b305d3e8a9b7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Fri, 02 Dec 2022 03:18:29 GMT

POST
H2 200 cogitoergosum Show response
koel.com/rest/high/api/ 22 B
135 B 102ms
101ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/high/api/cogitoergosum

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
content-length: 22
expires: Fri, 02 Dec 2022 03:18:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 45ms
45ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1672088339&t=event&_s=1&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAGg~&jid=695082406&gjid=872876104&cid=891846839.1669951109&tid=UA-115003007-7&_gid=1552451735.1669951109&_r=1&_slc=1&did=i5iSjo&z=2085166530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 119ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f7fd74aa405ca648caf80afc860f38ffd61008968299ae26dcca92f18ebd9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 415 B
617 B 102ms
14ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=336
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 415
expires: Fri, 02 Dec 2022 03:48:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 127ms
46ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=891846839.1669951109&jid=1733688958&_u=YGDAgAADAAAAAEg~&z=174627300

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 131ms
49ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=891846839.1669951109&jid=1733688958&_u=YGDAgAADAAAAAEg~&z=174627300

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 73F1 913 B
695 B 247ms
110ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b04ebdbea9fbf21c37736a378b9a615b0207a4db

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fkoel.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 02 Dec 2022 03:18:28 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 02 Dec 2022 03:18:29 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 16b2bf6fc38724fa
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: b09cab40777a5406c714517e09d3b57e98e744e7953accf8eb121c401663aa35
content-length: 374

GET
H2 200 chunk-50.4e63e14ea1fb7462d61d.1669844686840.js Show response
koel.com/public/dist/chunks/ 767 B
863 B 9ms
8ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-50.4e63e14ea1fb7462d61d.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) / Express

Resource Hash

608ba581582e849ea60c4caeecea89c16be52cd99937fc5982d27fea6d09629a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 25439
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 767
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/67C2)
etag: W/"2ff-184cf518ee2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582222686 2582179584
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 6386216f2fcdf354b859eb70 Show response
koel.com/rest/carbon/api/gallery/ 5 KB
1 KB 104ms
103ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/carbon/api/gallery/6386216f2fcdf354b859eb70

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

46631d1418fa936b91531d97a98775dc7a4a5f6929a19e347344f88838a598fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
etag: W/"12f4-tEtIoSWEXnQJ0iuL+iPDq1yR6bQ"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 634993d432b9ed25c13d9175 Show response
koel.com/rest/carbon/api/gallery/ 9 KB
2 KB 102ms
102ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/carbon/api/gallery/634993d432b9ed25c13d9175

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38fda28a30f7d024f23b5c93d491adbc7c6b715a4229b16c7fef4f2641432a07

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
etag: W/"2282-BVFF+lZ6FIbik1F7XvRDkvM3wYQ"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 7ms
7ms Script
application/javascript 184.24.171.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.171.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-171-130.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
server: Apache
etag: "d4ed-5eaee7c12df48-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17131
expires: Fri, 02 Dec 2022 03:33:29 GMT

GET
H2 200 koelam-promo.jpg
townsquare.media/site/672/files/2017/12/ 2 KB
2 KB 8ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/672/files/2017/12/koelam-promo.jpg

Requested by

Host: koel.com
URL: https://koel.com/styles/desktop/base.css?ver=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) / Express

Resource Hash

548e03f9f449866f5d168ad9f225aeefe574b474e1369698464d7787351282b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 13325782
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 1658
last-modified: Mon, 23 May 2022 18:59:12 GMT
server: ECS (frb/6727)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2411348601
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 8ms
8ms Script
application/javascript 2a02:26f0:3400:1af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.43849727210381895
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400:1af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=296
accept-ranges: bytes
content-length: 18679

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
502 B 50ms
21ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wflgg0nYe3kKHvz93eHAPzbdbt6xFsHY8kbU%2FeEIbhmyc%2BB2%2B%2BXgZQNepagCno7IoVLqikNx3GS3N%2FIXixhkcw25qODXe74yuFzXwVkGbJ%2FE9Xv%2BTFanoA8PXZeR0Bm52JVSSuCH2x0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea622bad9186-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 307 KB
68 KB 73ms
13ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "4cd44-5dd1830eaa2ac-gzip"
vary: Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 69090

GET
H2 200 RS2022_87652512.jpg
townsquare.media/site/726/files/2019/12/ 25 KB
25 KB 11ms
9ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/726/files/2019/12/RS2022_87652512.jpg?w=300&q=75

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

6d72aebb9afef5d817c7ec4880ce79980dfb7d0f410759a51e1df59cdeb6123e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 295596
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 25226
last-modified: Thu, 01 Sep 2022 18:44:15 GMT
server: ECS (frb/67BD)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 2521780765
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 64ms
39ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=211345320604558&input_token&origin=1&redirect_uri=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&sdk=joey&wants_cookie_data=false

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: m+n0mxkBil4zO+OhHaG9LViqWX2M00TARgOqLL2fNJOMoCoBHTeaFXEOOY2ZrPsUldge5wqAoMT1wXoCUiCKvw==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 103 KB
30 KB 417ms
389ms Script
application/javascript 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c69ffc59f4d5c40b8293d14d56c05d2c8c5779310a1d0cf9ffedfc0fd0aaa3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 20:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "4cbeebda600336835f1c5ed1254ea488"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 30229
x-amz-cf-id: sU7eB9EOATtu4767v5PR5hztNl5jEO3DiRGBuEPW0KyCJM7ZJWC7uA==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 43ms
7ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 7M143009WAXN3Q25
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 57ms
15ms XHR
application/json 3.124.118.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228800d875-3c14-488d-a10a-2a7a73cb038d%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1669951109570%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%222c3fc3c3e240a6%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%222c3fc3c3e240a6%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22video%22%3A%7B%22context%22%3A%22outstream%22%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22maxbitrate%22%3A30000%2C%22minbitrate%22%3A200%2C%22api%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22skip%22%3A0%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22placement%22%3A3%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-in-article-pixel-1%22%2C%22transactionId%22%3A%223c6571a3-e940-497f-b302-1b4ebe887e26%22%2C%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22bidId%22%3A%222c3fc3c3e240a6%22%2C%22bidderRequestId%22%3A%22165c535c6348ff%22%2C%22auctionId%22%3A%224aef2158-3201-4915-ac00-1827dd1c30d0%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.118.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
582 B 213ms
107ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=15&alt_size_ids=16%2C221&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=in-article-pixel&tk_flint=pbjs_lite_v6.9.0&x_source.tid=3c6571a3-e940-497f-b302-1b4ebe887e26&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4699654702715921
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f56ebaae33f61e7c6d00ed2f594b56af2a9f813e4c8e0062ac9c711392bf855a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
596 B 243ms
159ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb2465729d377e4a5d328133a6def6138fc29a437e10a6d1d6ed54c14f95c932

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 94 B
836 B 449ms
125ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221094b10fe96b09%22%3A%22e6fe6470a476c52cbabe%7C%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fsharethrough%22%7D&ref=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&s=ffeef1ec-fb78-4b62-98f6-ece306a8e1a3&pv=0cc964cd-1146-4791-b73c-e8f7f33aa7e8&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

0b99d65ed7b6ea7cd8c43c3f3b262ddbc96265915f5dfaac2bda46da135fd794

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-86
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 119
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
555 B 660ms
586ms XHR
text/plain 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=koel.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
x-amz-cf-id: kA__EKwOS4Fbl7awj_95WeU0IOzuQDf078oje5dLJJTL-FKu9xnhQA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
145 B 142ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3c6571a3-e940-497f-b302-1b4ebe887e26&nocache=1669951109582&aus=1x1%2C300x250%2C336x280&divids=tsm-ad-in-article-pixel-1&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 832b6051ae9594175b750d4997779a60f3857333a693191a8bc6f6dcd4bf803d

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
385 B 79ms
79ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 02 Dec 2022 03:18:29 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 34ms
10ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
AN-X-Request-Uuid: 2e1ff421-ef51-4848-847d-ea5ceabfc438
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 253ms
45ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
1 KB 160ms
70ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951109591&to=0&aun=tsm-ad-in-article-pixel-1&maxw=336&maxh=280&si=9150&pi=3&bf=1x1%2C300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a8d824f62583481d15fd2558e9c98c7fdcf9e729c4f94fc75b198d3af1ed0f4c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
517 B 73ms
11ms XHR
application/json 52.28.133.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 57ms
4ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
306 B 75ms
25ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222768b4212d89e61%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228560f7c3e29455%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4617781eb97ef79f8976ce2a4ab0e80e2c1d115cce1888759bf48e30538a9eb3

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MenGD5IaWvizEsS8WuZuSgQBWshbEE4JdpXVR9zpUSRbQ3hvj0OqNfAdgd9jETOZe8hLY2hGHPbtztggQqpZMFlkIt1zYJdkfWTKibeG8AjTSf2EWdl%2B8vbkMM0g0fV7vOyueeAU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea634d2c5c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
201 B 470ms
204ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
1 KB 145ms
66ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951109603&to=0&aun=tsm-ad-728c-1&maxw=728&maxh=90&si=9154&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 366c6213f93ccbb7087d8707e94986645ea910e952c9bd01af08b0c065eec6d3

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
385 B 42ms
42ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
145 B 120ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bad296bd-f93c-4316-949c-3f0dbded8eb9&nocache=1669951109604&aus=728x90&divids=tsm-ad-728c-1&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9a52d5b062fde5b41724c9cc612dca013c2b3c2b777a75a986105a36fcbfcc9d

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
320 B 217ms
160ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b7f4028dfd58ae991fc2424a328047d23059989e723d350acc909ad5a5e2937

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 02 Dec 2022 03:18:29 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 44ms
2ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 hb Show response
hb.undertone.com/ 0
555 B 621ms
573ms XHR
text/plain 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=koel.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: nXsmNPP8xQ0kofCFXG27uy2gfkfSt_UFxVTJi2Nyj9py_69k9xf3WA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
784 B 177ms
104ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=2&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=in-between-article-728&tk_flint=pbjs_lite_v6.9.0&x_source.tid=bad296bd-f93c-4316-949c-3f0dbded8eb9&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5910452199312191
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1773d32781cc62f7ac90d17a33fee10b594aa8c109ed0cebc3adebcf6ffb7d87

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 239
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
643 B 32ms
12ms XHR
application/json 3.124.118.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228800d875-3c14-488d-a10a-2a7a73cb038d%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1669951109608%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2248921a4bc4a2844%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%2248921a4bc4a2844%22%3A%5B%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728c-1%22%2C%22transactionId%22%3A%22bad296bd-f93c-4316-949c-3f0dbded8eb9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2248921a4bc4a2844%22%2C%22bidderRequestId%22%3A%2247b44834af0f0df%22%2C%22auctionId%22%3A%226b45d371-20b7-4b2b-9e3d-3891d4f5119d%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.118.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
201 B 448ms
205ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
518 B 43ms
9ms XHR
application/json 52.28.133.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 9ms
9ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
AN-X-Request-Uuid: 5c868788-7a90-4690-82e7-815ea22f51b9
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 203ms
31ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
558 B 44ms
24ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272481&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2257d81a7af320cec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22585d05bd8a5713f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272481%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9caa9d1fdcc5c47c066a703069c6f8f5d3e6ebe93e0a7009ddf88d9dad24909c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QImCTeqbxIwYLHmf%2BC3Z1Wkm01cUf9Omt47sgiPOSedy2FaJAbT11%2FGTHG9qBOI3X7THWri3hgUZwVpLkyt6bgfN38SuLQWJSnPGV0qd1PYlylO2p2uazkgMWU0Eyfm67riBCPpZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea635d2d5c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
837 B 455ms
142ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2260e3b920c699736%22%3A%22453c76e3ae70a2c82d2a%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%7D&ref=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&s=ff6e18e5-1f37-4e61-8371-d96050aecaa7&pv=0cc964cd-1146-4791-b73c-e8f7f33aa7e8&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

616cbc3794d1e26e4e14b30fde9e29a9ce227d103c136f4134cff45ae95badde

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-70
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
385 B 58ms
55ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 02 Dec 2022 03:18:29 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
554 B 577ms
575ms XHR
text/plain 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=koel.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 7LlK_DM-iuNTfAYg-XNqWWKMRYng4Ntfa0YIOL1Wzt_OU1_AFP7M6g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
643 B 19ms
18ms XHR
application/json 3.124.118.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228800d875-3c14-488d-a10a-2a7a73cb038d%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1669951109652%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22741f267ee0bf463%22%3A%22_wPlmCMrvTH%22%2C%2275486a3c5d7f147%22%3A%22_wPlmCMrvTH%22%2C%2276bb01c5d89b59a%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%22741f267ee0bf463%22%3A%5B%5B728%2C90%5D%5D%2C%2275486a3c5d7f147%22%3A%5B%5B728%2C90%5D%5D%2C%2276bb01c5d89b59a%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22ef330f8f-0908-4416-8668-096232f45d81%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%22741f267ee0bf463%22%2C%22bidderRequestId%22%3A%227379f3fbea35fe3%22%2C%22auctionId%22%3A%22aa6b7c0b-ef6a-4aa8-8661-d1f43d266c43%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22e4177ead-2645-4f43-bfdd-4a74b17b3d1c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2275486a3c5d7f147%22%2C%22bidderRequestId%22%3A%227379f3fbea35fe3%22%2C%22auctionId%22%3A%22aa6b7c0b-ef6a-4aa8-8661-d1f43d266c43%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22952f5c0e-3f47-4a32-939b-098109025de8%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2276bb01c5d89b59a%22%2C%22bidderRequestId%22%3A%227379f3fbea35fe3%22%2C%22auctionId%22%3A%22aa6b7c0b-ef6a-4aa8-8661-d1f43d266c43%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.118.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
310 B 20ms
20ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272479&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227708df59f769b3d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278057c6b6d455d5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2279600e1cdb5a512%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2400a505346e9b61167380025734f6bf80ad066668ea438a84da03ef8161f5be

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcLCnHD%2FeCOLpDKUMHTJKNMb5GO9WdyUN36tnuQxysPtjZPIomCzz9py8pI1%2BPUAYyf5cSUo6OwVQzNvekn1fokEG9prl%2B1j8T6pC6zpJRhEd9ZBBvNgToTTHNHh7mTreIf8szpO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea636d465c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 171ms
32ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 15ms
12ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
AN-X-Request-Uuid: e4197a02-2f5b-4797-91b5-a29a0708cd25
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
549 B 27ms
8ms XHR
application/json 52.28.133.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
1 KB 84ms
71ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951109662&to=0&aun=tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 912bf50a1e356c3fa8a11134decd3494524d83d7a3647e9d1e770cbbf7195d40

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
1 KB 81ms
69ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951109663&to=0&aun=tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44274532a83345c06de44583f5601e4baafb0750b67961724ca659f19bda8526

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
384 B 381ms
188ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
373 B 52ms
41ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ef330f8f-0908-4416-8668-096232f45d81%2Ce4177ead-2645-4f43-bfdd-4a74b17b3d1c%2C952f5c0e-3f47-4a32-939b-098109025de8&nocache=1669951109667&aus=728x90%7C728x90%7C970x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%2C%2C&auid=539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7df6b898a5d46c311d54a0024ef925c880e0a70a2a2ff97b8e57d6075d78d5c0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 18ms
9ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
562 B 129ms
121ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=2&p_pos=atf&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=tsm-ad-728a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=ef330f8f-0908-4416-8668-096232f45d81&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7163226798567273
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: df9a3a472d7d6edd4d1db22926b5b5130173bba1f50be5e7709abed1084581ae

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 239
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
562 B 113ms
106ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=2&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=tsm-ad-728b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=e4177ead-2645-4f43-bfdd-4a74b17b3d1c&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05635069246588342
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 30ab8969b8cd25bc0114f434815ffaf8e5a1e11fb62c8f0a9f42058226a073fa

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 239
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
563 B 128ms
122ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=57&p_pos=atf&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=tsm-ad-970a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=952f5c0e-3f47-4a32-939b-098109025de8&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7118167948027536
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02c7e6558782519c9832e443cfba0977a84539ae60065a6146752a2a78c15337

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 146ms
141ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 205a2e32a07486dcde7cc6621dafa9f8e1a1bfb0919dbbc536abdf9e934bf67b

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
610 B 420ms
111ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22115bacdb76b881a3%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%2C%22116f95c72e239716%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%2C%221176793c04804486%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%7D&ref=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&s=38a1827e-f04a-40e3-897e-7082ca48bab4&pv=0cc964cd-1146-4791-b73c-e8f7f33aa7e8&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-109
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
342 B 114ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0J1FX1HP5M&gtm=2oebu0&_p=1672088339&_gaz=1&cid=891846839.1669951109&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669951109&sct=1&seg=0&dl=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&en=page_view&_fv=1&_ss=1&ep.call_sign=KOELAM&ep.site_classification=&ep.genre=news-talk&ep.market=Waterloo&ep.site_type=Local&ep.tags=iowa-laws%2Cnl%2Ck923-ixp&ep.categories=articles%2Coddities&ep.gtm_version=48&ep.page_type=post&ep.author=gglidden&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 115ms
42ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=2oebu0&_p=1672088339&_gaz=1&cid=891846839.1669951109&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669951109&sct=1&seg=0&dl=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&en=page_view&_fv=1&_ss=1&ep.call_sign=KOELAM&ep.site_classification=&ep.genre=news-talk&ep.market=Waterloo&ep.site_type=Local&ep.tags=iowa-laws%2Cnl%2Ck923-ixp&ep.categories=articles%2Coddities&ep.gtm_version=48&ep.page_type=post&ep.author=gglidden&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.71%20Safari%2F537.36
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=891846839.1669951109&gtm=2oebu0&aip=1
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 134ms
53ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=891846839.1669951109&gtm=2oebu0&aip=1&z=253963188

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
499 B 172ms
114ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: DY6HKK1WABAJTW6QA8MR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: QO-dL0pPpvQgvOi6vKc-chBY_Oq927ZOQLvr8h2O9RWeNj3RwN11gQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
498 B 392ms
336ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: N86PRVT705APVBMX75MC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: dpkKht9wP1ITZsI4-80FDCf7bkpZ74wlhbKSas3GB1oT_WoHTrGCvw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
497 B 165ms
117ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&pid=N9P7O6QYCSnof&cb=2&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Ftsm-ad-970a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Ftsm-ad-728a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Ftsm-ad-728b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 9AKM21281PW5D7VC4V5E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: tBlI5wLtiPJEqA3GTc5E4d_ISTA49x4IQvmvLxOz_P65939Wos2Srw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
499 B 160ms
114ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: GT9VP6CRAQQJY3J6P9E4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: gkxx9mVhEg8XpABRjF_QbO3yBAu8UaTkaC-jLlZPLKFjkSJvD-y1rA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
498 B 371ms
329ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: F0B1VA6A0XQ137VRV2G2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: gH5CQJPBJyQxJAPPY17DxrnHTpTJ6P144ycUKHFQEd_dhV4tvKTjEw==

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
288 B 158ms
76ms XHR
application/json 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.6.0&c=91333942016
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: d2cad8d048730885b6947e9a7ef5322521342aa457a0b27b77c9d4be077e1432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 17ms
17ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
AN-X-Request-Uuid: 8148edb2-fbfb-41a7-a569-acdbecf07b02
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
317 B 42ms
41ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 82d1dbbb58405f4878b8121fbf5b20a3631d1f431599e69a25d8cecccacd9d10

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 16ms
15ms XHR
application/json 3.124.118.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228800d875-3c14-488d-a10a-2a7a73cb038d%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1669951109914%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2212343c6174f64cd8%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%2212343c6174f64cd8%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300a%22%2C%22transactionId%22%3A%229c4c6c63-4728-495a-965a-23f13b32993f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2212343c6174f64cd8%22%2C%22bidderRequestId%22%3A%22122c21ac9b27c62b%22%2C%22auctionId%22%3A%222ff838c7-ac78-4fdc-8f4b-2ed7f33d770a%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.118.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:29 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 50ms
50ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
517 B 10ms
9ms XHR
application/json 52.28.133.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 78ms
45ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c4c6c63-4728-495a-965a-23f13b32993f&nocache=1669951109917&aus=300x250%2C300x600&divids=tsm-ad-300a&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9c794889eb1708f95cc1a9d7fe4cb5e2400493388bab7213f81322ebdff0dc48

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
201 B 195ms
195ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
835 B 284ms
170ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2213309c2c53c9bcb%22%3A%2252385cf1a79895898f27%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%7D&ref=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&s=4378634f-4681-4ab5-a23e-33f846e9dfa1&pv=0cc964cd-1146-4791-b73c-e8f7f33aa7e8&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e2d6e9c12d15d5f45b147313c6770a26c59c2b1bbf1a826c808bfc7f7f098c91

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-8
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
554 B 578ms
578ms XHR
text/plain 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=koel.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
x-amz-cf-id: 8MbrftIpfbKX2wI7--cyP2zr3B9DLvnRrYlvKH6sQ2wZMNuAfOIhww==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
385 B 42ms
42ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
294 B 85ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=tsm-ad-300a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=9c4c6c63-4728-495a-965a-23f13b32993f&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5856148526125835
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9c0cf30588ce196f127f10208173078c9cc62a6efb8e22df2c60b56419b48e7e

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 38 B
535 B 33ms
24ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272476&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22140a2b5e430e6918%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22141b5b3b859118eb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22272476%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff4ec6a9dee01d90069658c1ad42daf13d104f914c51ee2c04a1fdd3a1831d4

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K61CTTEDveXzmavx9l19r5BPw1k4BJyHuPM66etrFJoQRsBGwUKtGIeXv4J6zIXH0p0DEiL%2FMQw3RVHgiyZk01TVC7UeVc0BcqyJ%2FS85Iy%2FYHqqMdiftQPa7oarx3ZZrcJPO5mlY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea651ade9b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
887 B 70ms
69ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951109921&to=0&aun=tsm-ad-300a&maxw=300&maxh=600&si=9149&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 84b7ec9eef5f799926205cadb7e452e021d1a636b5ac1b6f86b103d0170f9752

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:29 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 8ms
7ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 12.jpg
townsquare.media/site/726/files/2020/08/ 204 KB
204 KB 20ms
20ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/726/files/2020/08/12.jpg?w=980&q=75

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/636C) / Express

Resource Hash

7d23b9f8234fa007e409b8f420b8684356872ba63696f32e63d1d2ca57ae3e51

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:29 GMT
via: 1.1 varnish
age: 3742435
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 208889
last-modified: Wed, 13 Apr 2022 18:21:43 GMT
server: ECS (lhb/636C)
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 1854666835
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:28 GMT

GET
H2 200 a29lbC5jb20= Show response
static.solutionshindsight.net/assets/ 2 KB
1 KB 436ms
401ms Fetch
application/json 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/a29lbC5jb20=
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c15053c3c9c18a6b5a07a60d84ac4e23c1541b7e850b98559f654a7db0e6bf68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
x-amz-version-id: null
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
last-modified: Thu, 24 Nov 2022 14:48:30 GMT
server: AmazonS3
etag: W/"7a4af99016e48f49f77714843b914ee1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: kukP827OglbHr4quMGiktdlhhSb4bE7dMGMR68QkEmpLAMfbrmSP2A==

GET
H2 200 like.php Show response
web.facebook.com/v2.8/plugins/ Frame 1DDA 0
3 KB 107ms
38ms Document
text/html 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v2.8/plugins/like.php?action=like&app_id=211345320604558&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f342d450b052%26domain%3Dkoel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkoel.com%252Ff11cb4283ffd77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fam950koel&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 02 Dec 2022 03:18:30 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: yiJoH3/889BFKLS3KGhazrMZBQymtivT+a7KvKd9REQk3fWmaoWRuJ/UKlmBLULUxZ38whAttnCsJDq/6b6q0Q==
x-xss-protection: 0

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 397 KB
53 KB 31ms
11ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7bde3113f8658e6bbd885e9d878e294a9c1505079ba6275b9b18e97b2fb76e95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 16:15:01 GMT
server: Apache
etag: "634fc-5eec685f331e6-gzip"
vary: Accept-Encoding
access-control-max-age: 3600
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53583

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
115 B 106ms
75ms XHR
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:30 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 326 KB
82 KB 17ms
17ms Script
application/javascript 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "5172d-5dd1830eaae64-gzip"
vary: Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 83280

GET
H2 200 tag Show response
btloader.com/ 92 KB
14 KB 70ms
30ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc752ee47fd7f1d13554a460e5e9795c39a7f23064b5bae16abd7f988f5398b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 02:51:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1636
etag: W/"39402e97b39524195f6ce806d8ccb328"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVYDYZZKlceRW%2B5fffrOm6%2BcXFjOwb0eurN97PsJwfN5W18qgMq2JNZx4Dtk0L2jLGSaHRFUXoBrLulIY3Z4Gx85KWtC8dub%2BvvA7jURR3Y2Q%2FGkVS%2FT2j%2F4oarROzTzENegrRMaZLe0mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 7730ea6728b5915e-FRA

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24

5 B
153 B

464ms
369ms

Script
text/html

2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24
Protocol: H2
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7730ea6b1c889010-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=KOELAM&ncv=24
access-control-allow-origin: *
date: Fri, 02 Dec 2022 03:18:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7730ea685a179010-FRA
content-type: text/html; charset=iso-8859-1

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

5 B
253 B

207ms
127ms

Script
text/html

2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Protocol: H2
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7730ea6b1c879010-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin: *
date: Fri, 02 Dec 2022 03:18:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7730ea685a1b9010-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 11ms
10ms XHR
application/json 104.111.247.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-126.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "f30-5dd1830eac5d2-gzip"
vary: Accept-Encoding
access-control-max-age: 3600
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

GET
H2 204 b2
sb.scorecardresearch.com/ 0
190 B 10ms
9ms Image
text/plain 13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1669951109481&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=23&cs_cmp_sv=3&cs_cmp_rt=799&c7=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&c8=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: mc1EgH0GDTxP6i0J4RlFPXODAKnfXqKtl8FlxgETZOsTtz6mUAZB9A==
x-cache: Miss from cloudfront

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
114 B 16ms
16ms XHR
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:30 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 42ms
41ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ef312889-ada9-42db-bc35-31a16d67bd22&nocache=1669951110293&aus=300x250&divids=tsm-ad-300b&aucs=&auid=539829446&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 921ec1295b3c6f85612e77e4d4a1743d6b036d87fe2d0da28d754553e2ba5dac

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
517 B 10ms
9ms XHR
application/json 52.28.133.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.133.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-133-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
55 B 30ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
671 B 16ms
16ms XHR
application/json 3.124.118.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228800d875-3c14-488d-a10a-2a7a73cb038d%22%2C%22requestCount%22%3A4%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1669951110294%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2215565b250b105195%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%2215565b250b105195%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%22ef312889-ada9-42db-bc35-31a16d67bd22%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2215565b250b105195%22%2C%22bidderRequestId%22%3A%221547c189d7be781a%22%2C%22auctionId%22%3A%2298a0dfdc-3736-4675-a12b-9286376d941d%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.118.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-118-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
636 B 128ms
128ms XHR
application/json 69.166.1.15
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2215706222e9858129%22%3A%22810bf2d7e35a61283050%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FWaterloo%2FKOEL-AM%2Fpost%22%7D&ref=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&s=6c57f845-64b0-45cd-806b-03076c2fe315&pv=0cc964cd-1146-4791-b73c-e8f7f33aa7e8&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

6e65b563fbd71ffa5606364f064af6fb3c373e4b79043c8d786c0822d3c44e12

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-8
Content-Type: application/json
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 9ms
9ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:30 GMT
AN-X-Request-Uuid: ac2e78b7-c7ae-4395-a3b0-0fc254b45a32
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koel.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
297 B 95ms
95ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173188&zone_id=836714&size_id=15&rf=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&kw=tsm-ad-300b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=ef312889-ada9-42db-bc35-31a16d67bd22&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8923608233941855
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b244fe00dd8d7572335317677dc131f50d1681be332bcbca2c4844c4539a18ad

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 38 B
501 B 19ms
18ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216258ec22a5d1b6e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22163b910a1514c2f3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8b02ba51f42cc4124f9a30123bc6356dddb168b39b933b08429712a6571594

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY3TzbTWXLeLykOQBnSdmYddATsiCBDZnrO8CAO2DKtenI1%2BCvaRRr3xNOtvBCvB3XZzYyI%2FZsDG4df5qvrDisRwMRlg5dZxfjwq4UzmJP44d4BzBqz7kagCk5WSQMdmEgh7CXLi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7730ea676da29b77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
224 B 180ms
180ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://koel.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
355 B 8ms
8ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://koel.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 903 B
887 B 67ms
67ms XHR
application/json 46.51.133.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1669951110310&to=0&aun=tsm-ad-300b&pv=f7f8b082-87f9-468f-8dd6-e36afa273462&maxw=300&maxh=250&si=9150&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&ns=9626
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.133.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-133-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 84b7ec9eef5f799926205cadb7e452e021d1a636b5ac1b6f86b103d0170f9752

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
385 B 40ms
39ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 02 Dec 2022 03:18:30 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
343 B 41ms
40ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66844b002413460858cab194c471908cd87c322a0d40561f9ce1b71acdbd3489

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://koel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 02 Dec 2022 03:18:30 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
555 B 151ms
151ms XHR
text/plain 18.66.97.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=koel.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=koel.com&v=7de44a93c6ab86b5f8800facee2078010e182b63&mver=85&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-14.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
server: istio-envoy
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://koel.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-amz-cf-id: dHM_RxBMK4ZFQaxotHPb0gkV_AZ4c28XEMVz_c-zdYGoOSqZRj__Sg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
942 B 61ms
21ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249639
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmeTtK7dLjBivXSufM00NKSXER4TCw6Vuw%2F%2B1wNFbiW8YPqRnT7IhDw89rLXa3TaiW2PnH36%2ByiUJK%2BC8cYUXWgmP8qUUty18WDrTR%2BEl8eE25PWmVi8GgRf3%2FkoxPRmQTz5f2aDai84mjtoJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7730ea68184b5b62-FRA
expires: Tue, 29 Nov 2022 06:37:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 119ms
29ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Dec 2022 14:43:14 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 63ms
24ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7874414391290829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249639
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kYdmu7VDVA4Bgf7ZvZvEQLp4%2BRlpGVLLm6gMbddntJyuiWebjdE6EoXzFFo%2ByXjiR9Pkklpuaz0xPUODvUOnpLaLsxXSJkUAnEwMUNZuLPVWh%2B9JjoxIJrskhUAZiE2oQTtNH4uBxukIz3WuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7730ea68184d5b62-FRA
expires: Tue, 29 Nov 2022 06:37:06 GMT

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 7ms
7ms Script
application/javascript 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:30 GMT
content-encoding: gzip
via: 1.1 varnish
age: 40117
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:34 GMT
server: ECS (frb/67BD)
etag: W/"e26f-17880aead61"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3449115441 3444292434
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:29 GMT

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
573 B 482ms
481ms Script
application/javascript 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 20:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "971528ea174da345e25778639b422ea9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 190
x-amz-cf-id: NMxpRjzmrKFbxHI2PaZfBrTSTgHWwS3W1iDp3WTsflJQ0l1Durfzfw==

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 210ms
140ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 211ms
142ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=FrcqLW97&w=5715249031282688&o=5642230212591616&cv=2.1.0&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 03:18:30 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 /
log.pinterest.com/ 0
333 B 75ms
40ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=jU5J5Waq3hi2&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fk923.fm%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 02 Dec 2022 03:18:30 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1463930259493852
content-length: 0
x-served-by: cache-hhn4074-HHN
pragma: no-cache
server: envoy
x-timer: S1669951111.906540,VS0,VE31
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 _bulk
funes.solutionshindsight.net/events/ Frame 0
0 335ms
105ms Preflight
text/plain 18.235.165.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://funes.solutionshindsight.net/events/_bulk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.165.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-165-126.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://koel.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 02 Dec 2022 03:18:31 GMT
server: uvicorn
vary: Origin

POST
H2 201 _bulk Show response
funes.solutionshindsight.net/events/ 598 B
736 B 149ms
149ms Fetch
application/json 18.235.165.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://funes.solutionshindsight.net/events/_bulk
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.165.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-165-126.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash: dcdd82c645b04b2a2a97ac3f2d3398baca7e336a3228104325af43a17b9b8d97

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 03:18:31 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 598
content-type: application/json

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4A45 80 KB
27 KB 118ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b328c85e2cf2e266438ce5b962e619197153dded16f3d1c7806b3d072b0694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27407
x-xss-protection: 0
server: sffe
etag: "1409 / 515 of 1000 / last-modified: 1669936012"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Dec 2022 03:18:31 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/ Frame 4A45 11 KB
11 KB 235ms
144ms Script
text/javascript 2a00:1450:4001:827::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/didna_config.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 50e31b99331b83f38b8d4a3e14bc7ada19eff7b286d200dd6d2f770540243ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
x-guploader-uploadid: ADPycdvhyFHCsWyp__PXs5oQGaw0wH2WdB0D83xFPBu2F61KpBWSrAA_JPLUTAopT01hz0Yn02zghfXSf91kG_FKFkiU-1yUsOWi
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
last-modified: Tue, 15 Nov 2022 20:49:20 GMT
server: UploadServer
etag: "48634af8a569ec755c4c48ba77eecadf"
x-goog-generation: 1668545360307412
content-type: text/javascript
x-goog-hash: crc32c=xGS5hg==, md5=SGNK+KVp7HVcTEi6d+7K3w==
cache-control: no-store
x-goog-stored-content-length: 10776
accept-ranges: bytes
expires: Sat, 02 Dec 2023 03:18:31 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1E85 80 KB
27 KB 119ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16448684a959c3d49f6e67c1ae86b1345c604fbd31810b6b6536c36f31744393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27425
x-xss-protection: 0
server: sffe
etag: "1409 / 81 of 1000 / last-modified: 1669935944"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Dec 2022 03:18:31 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/ Frame 1E85 11 KB
11 KB 323ms
250ms Script
text/javascript 2a00:1450:4001:827::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/hindsight/townsquaremedialocal/didna_config.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 50e31b99331b83f38b8d4a3e14bc7ada19eff7b286d200dd6d2f770540243ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
x-guploader-uploadid: ADPycduBao3CUnV2JT5ehLkaYn7nrz4jdtpwrJYzj7Y6JHJgrHyEXSxMhyT0fCsLJLMrPFYKpEMGxfovcwrR16C0KsfgrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
last-modified: Tue, 15 Nov 2022 20:49:20 GMT
server: UploadServer
etag: "48634af8a569ec755c4c48ba77eecadf"
x-goog-generation: 1668545360307412
content-type: text/javascript
x-goog-hash: crc32c=xGS5hg==, md5=SGNK+KVp7HVcTEi6d+7K3w==
cache-control: no-store
x-goog-stored-content-length: 10776
accept-ranges: bytes
expires: Sat, 02 Dec 2023 03:18:31 GMT

GET
H3 200 pubads_impl_2022120101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4A45 384 KB
130 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 12:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Dec 2023 12:01:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 4A45 252 B
141 B 126ms
54ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koel.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3cdff91df1de14d267e28a2fb8a07e80fc51e2a1f17624601b305d3e8a9b7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Fri, 02 Dec 2022 03:18:31 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1E85 381 KB
129 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 00:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 00:27:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 1E85 252 B
141 B 96ms
45ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koel.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3cdff91df1de14d267e28a2fb8a07e80fc51e2a1f17624601b305d3e8a9b7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Fri, 02 Dec 2022 03:18:31 GMT

GET
BLOB 200
OK ad85d6eb-2c98-4b02-ac26-cb1264d2900c
https://koel.com/ Frame 4A45 594 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/ad85d6eb-2c98-4b02-ac26-cb1264d2900c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
BLOB 200
OK fb0e603b-ecba-48b7-a7a7-9aaac774f0fb
https://koel.com/ Frame 1E85 594 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/fb0e603b-ecba-48b7-a7a7-9aaac774f0fb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
BLOB 200
OK 4c69ddc3-ab22-4a6e-9613-f3131bb36298 Show response
https://koel.com/ Frame 4A45 196 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/4c69ddc3-ab22-4a6e-9613-f3131bb36298
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 200828
Content-Type: text/javascript

GET
BLOB 200
OK 5fd8445d-f335-43f6-b5fe-f607f0e1e17b Show response
https://koel.com/ Frame 1E85 196 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/5fd8445d-f335-43f6-b5fe-f607f0e1e17b
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 200828
Content-Type: text/javascript

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 4A45 12 KB
5 KB 50ms
9ms Script
application/javascript 2600:9000:21f3:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:56:11 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: w3KJZkVAfqnORqOaqFfF6RO.15AU_w0t
last-modified: Tue, 06 Sep 2022 10:54:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1342
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: tfgUQtGnaAFjJQzq8LxNwLc1sRbrATP1JEphwq91pfGEXBZ_VfHNmA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ Frame 4A45 215 KB
66 KB 232ms
7ms Script
application/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:32 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:33:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=91453
accept-ranges: bytes
content-length: 66761
expires: Sat, 03 Dec 2022 04:42:45 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 1E85 12 KB
5 KB 19ms
9ms Script
application/javascript 2600:9000:21f3:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:56:11 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: w3KJZkVAfqnORqOaqFfF6RO.15AU_w0t
last-modified: Tue, 06 Sep 2022 10:54:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1342
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: LT5XzCzSVw49ioO505O6T-2KnfpmMKMYcVPayk4go4kJVLhH6aoe3A==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ Frame 1E85 215 KB
66 KB 205ms
7ms Script
application/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:32 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:33:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=91453
accept-ranges: bytes
content-length: 66761
expires: Sat, 03 Dec 2022 04:42:45 GMT

GET
BLOB 200
OK 068e9f81-0215-4500-a419-c49630fdbc8a Show response
https://koel.com/ Frame 1E85 481 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/068e9f81-0215-4500-a419-c49630fdbc8a
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 492946
Content-Type: text/javascript

GET
BLOB 200
OK 37248bd0-43d6-4bdb-bb8b-fd0b4ca194e7 Show response
https://koel.com/ Frame 4A45 481 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://koel.com/37248bd0-43d6-4bdb-bb8b-fd0b4ca194e7
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 492946
Content-Type: text/javascript

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 1E85 208 KB
71 KB 10ms
10ms Script
text/javascript 2600:9000:21f3:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68f1933ce3818d2353839553c65df69d9cbd724ee13ad43c5026425f314f730a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:56:05 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: bp4jbeCZmxwCl0nUXYJIR_QnOW8T.GoH
last-modified: Fri, 02 Dec 2022 02:25:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1348
etag: W/"adc240479cb382f812d0493b4dfabf9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: qWMF_21iKt-s0dQ77dGmdWepElQawBinKGeHXy7HdKdhpn-7JX8eEQ==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 4A45 208 KB
71 KB 17ms
17ms Script
text/javascript 2600:9000:21f3:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: koel.com
URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68f1933ce3818d2353839553c65df69d9cbd724ee13ad43c5026425f314f730a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 02:56:05 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: bp4jbeCZmxwCl0nUXYJIR_QnOW8T.GoH
last-modified: Fri, 02 Dec 2022 02:25:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1348
etag: W/"adc240479cb382f812d0493b4dfabf9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: PsuIekZ-ZwI5F0RLNvoSz8TpQ_C9l-afZ8lAKW9ySGny6UmOQiVKiA==

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A24E 15 KB
6 KB 9ms
7ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 91A8 3 KB
2 KB 21ms
19ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 286
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7730ea7a5b999b43-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 07:18:33 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7CF9 15 KB
6 KB 9ms
8ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame FF78 9 KB
3 KB 63ms
9ms Document
text/html 2600:9000:21f3:a200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75606
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 06:18:28 GMT
etag: W/"5622b32305c47b2be916a6c424eed515"
last-modified: Mon, 07 Nov 2022 14:19:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id: 56g6D_6rNQ61wYJ6g8PuCBDsVmVnHj9YD9F2-Vvh2WJsqaZ7aIjT4g==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-version-id: FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FA9B 37 B
140 B 40ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 9C41 0
0 8ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1669951109935

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame CB3D 4 KB
2 KB 56ms
12ms Document
text/html 13.225.78.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77339
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 05:52:21 GMT
etag: W/"126821f1ceaace2af172a44f8b01eab0"
last-modified: Tue, 22 Nov 2022 21:38:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: IlmUkUtnL__7djSsp9JaNtnOOK_PUxHY4bIw3a14KgVSkrmiWqGJOg==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9A60 37 B
139 B 32ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:33 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E2A0 281 B
554 B 70ms
8ms Document
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 624A 15 KB
6 KB 8ms
7ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame BA9D 3 KB
1 KB 22ms
22ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 286
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7730ea7a8bd99b43-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 07:18:33 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 02F5 0
91 B 72ms
40ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B35B 21 KB
8 KB 73ms
39ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Sun, 04 Dec 2022 03:18:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1323 37 B
139 B 21ms
10ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 2DD5 0
80 B 67ms
41ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A85E 0
80 B 65ms
41ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 5F28 9 KB
3 KB 34ms
10ms Document
text/html 2600:9000:21f3:a200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75606
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 06:18:28 GMT
etag: W/"5622b32305c47b2be916a6c424eed515"
last-modified: Mon, 07 Nov 2022 14:19:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id: ffdMffOcNQP9AgmJB6XiNs3zabsdko0mQ6zuZHRgTPN6hGgsfVnBRQ==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-version-id: FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 3294 4 KB
2 KB 34ms
11ms Document
text/html 13.225.78.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77339
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 05:52:21 GMT
etag: W/"126821f1ceaace2af172a44f8b01eab0"
last-modified: Tue, 22 Nov 2022 21:38:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: vnzubusw88kdqxYpXeSqr-G7Lj5lxEFYDhYv3KyPLl4q4KsuyDU7bw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B39A 21 KB
8 KB 62ms
38ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Sun, 04 Dec 2022 03:18:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame CE28 9 KB
3 KB 30ms
11ms Document
text/html 2600:9000:21f3:a200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75606
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 06:18:28 GMT
etag: W/"5622b32305c47b2be916a6c424eed515"
last-modified: Mon, 07 Nov 2022 14:19:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id: KPWmoTUfi4lrezCoypmu0qzd9enhy0BYP3qEeLqaP8YRiyLPoLJJGg==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-version-id: FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame AD2E 0
0 10ms
10ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1669951109925

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 17C9 21 KB
8 KB 56ms
38ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Sun, 04 Dec 2022 03:18:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3828 37 B
139 B 9ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 19B9 3 KB
1 KB 32ms
22ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 286
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7730ea7abc6c9b43-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 07:18:33 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame BFAF 4 KB
2 KB 19ms
11ms Document
text/html 13.225.78.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77339
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 05:52:21 GMT
etag: W/"126821f1ceaace2af172a44f8b01eab0"
last-modified: Tue, 22 Nov 2022 21:38:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: u0fpBG-k6Pbl_gHcw5KI7L9KWW3WYLixQ4VGnMzGLfS6VqIGww6YQw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C05C 15 KB
6 KB 12ms
7ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 4E73 9 KB
3 KB 13ms
10ms Document
text/html 2600:9000:21f3:a200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75606
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 06:18:28 GMT
etag: W/"5622b32305c47b2be916a6c424eed515"
last-modified: Mon, 07 Nov 2022 14:19:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id: S7KISwSoP7tWSlq8Q5Rzo_uFz4xIcyzpnEUzrsVeHH7QzY-NbWIrEg==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-version-id: FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache: Hit from cloudfront

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8AAD 21 KB
8 KB 45ms
39ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Sun, 04 Dec 2022 03:18:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET ixmatch.html
js-sec.indexww.com/um/ 0
0

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 16CB 9 KB
3 KB 18ms
8ms Document
text/html 2600:9000:21f3:a200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75606
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 06:18:28 GMT
etag: W/"5622b32305c47b2be916a6c424eed515"
last-modified: Mon, 07 Nov 2022 14:19:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-id: N9AIQ18p6YIHqy7lTXZClqbfTd8OyPc41WVLIBzRK0xHjCf4cpvHYQ==
x-amz-cf-pop: FRA2-C2
x-amz-replication-status: COMPLETED
x-amz-version-id: FcgX1qjTYQoJcn.Q.j6.Q9icc5uN_Nnv
x-cache: Hit from cloudfront

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 7EDE 21 KB
8 KB 37ms
31ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Sun, 04 Dec 2022 03:18:33 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 01A0 37 B
139 B 12ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame B055 0
80 B 41ms
39ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame EEA9 3 KB
1 KB 26ms
25ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 286
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7730ea7adca09b43-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 07:18:33 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2974 15 KB
6 KB 9ms
8ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A48B 0
80 B 40ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 8162 4 KB
2 KB 10ms
9ms Document
text/html 13.225.78.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77339
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 05:52:21 GMT
etag: W/"126821f1ceaace2af172a44f8b01eab0"
last-modified: Tue, 22 Nov 2022 21:38:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: 7eQsSXF1UyYELnQ_WnkChjLkYZAC78ZomMDUC19eGsAabTl_qvjYpQ==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 0ABA 4 KB
2 KB 9ms
8ms Document
text/html 13.225.78.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77339
content-encoding: gzip
content-type: text/html
date: Thu, 01 Dec 2022 05:52:21 GMT
etag: W/"126821f1ceaace2af172a44f8b01eab0"
last-modified: Tue, 22 Nov 2022 21:38:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: lhwNoNfyLIUDXi-l7kU_pOusl2ymrc96DYokT1kEUrH0cGEJ89UTWA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame 163E 0
0 19ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1669951109927

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 53ms
12ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame CB3D 589 B
1 KB 168ms
28ms Script
text/javascript 54.77.113.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.113.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame CB3D 9 KB
9 KB 71ms
7ms Script
application/javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:20:29 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28685
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: 3dq8JO7Of0tPR50lEXmTrSbF4j5vf5eGm-XNe893nPISLAYxM_ELpQ==

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame 3294 589 B
1 KB 129ms
28ms Script
text/javascript 54.77.113.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.113.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame 3294 9 KB
9 KB 33ms
8ms Script
application/javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:20:29 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28685
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: QHbr7lxaqbE32vVlWr3Jjacw50HWzAv9W60eDFHI4_Zo6O3BUu8uKA==

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame BFAF 589 B
1 KB 107ms
27ms Script
text/javascript 54.77.113.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.113.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame BFAF 9 KB
9 KB 9ms
9ms Script
application/javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:20:29 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28685
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: OWa0VbsahiIqGB9RcPTcPrXUFHTqN2MrwyjQrA_-KvMOy518GDlP8g==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E2A0 34 KB
10 KB 7ms
7ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60727
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame 8162 589 B
1 KB 80ms
28ms Script
text/javascript 54.77.113.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.113.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame 8162 9 KB
9 KB 8ms
7ms Script
application/javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:20:29 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28685
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: 61jgJl_V3xZuOKql6M-bqnnOUaKZ739Mr0OjFak70H7zaDCnasvJSg==

GET
H/1.1 200
OK register2.php Show response
synchrobox.adswizz.com/ Frame 0ABA 589 B
1 KB 72ms
28ms Script
text/javascript 54.77.113.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchrobox.adswizz.com/register2.php
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.113.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-113-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST, PUT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin: *
content-type: text/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 589

GET
H2 200 SynchroClient2.js Show response
cdn.adswizz.com/adswizz/js/ Frame 0ABA 9 KB
9 KB 7ms
7ms Script
application/javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:20:29 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:28:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28685
etag: "3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9187
x-amz-cf-id: 0rAT8eL7E4E8_G0G5KPb520PIRzjUf5yieai2vi7LmRi7olE3ek1zA==

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

1 KB
1 KB

67ms
46ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3dbaec4ba50a235f08e2c02c88b6a42a9e144e943b4063d35d0304c9b081f6b

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d28449189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9aRj562zpwIqX1dMNcyRMFqoexvI2z9X2NDA0S%2BJH597Kg%2BZ3XOOyKki4qwgIBNlCatEAgn0VQLmm%2FG6fiw5%2FhXlk8kMry7W4p0QhszW0kcoP5LuQURIMjJl4OkxBdpcim%2BO%2BpjMuVrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7ce9009136-FRA
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvlMGVwBa2i3k9Xl6OO1EmaD3mauwQtMMicr%2B6JmjaJqTjVMKq%2FseLOgRK2hlmvsDmz76inAXZ574l3gODtDmpnNKc%2BxntjN7EkzNSb4T8BpweV%2F8PdomjiLOKFqBqeXjaHv9xL5sa5QYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CF72
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

15ms
7ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame FF78 43 B
694 B 7ms
7ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: dc02bc84-8bc6-4b64-9f7f-6dab8729f152
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame FF78 43 B
120 B 132ms
35ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame FF78
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

0
233 B

285ms
285ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: Uv2Kmqkp33Pcvo4JP80Bm7cWPE4nIfjvxQIShC5tB0Rw00OTWWn09Q==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FF78 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame FF78 0
239 B 65ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame FF78
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...

0
39 B

16ms
15ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
date: Fri, 02 Dec 2022 03:18:32 GMT
content-length: 286
content-type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame FF78 0
191 B 110ms
14ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame FF78
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

0
357 B

375ms
375ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1
content-length: 0
x-amz-cf-id: Mns1qlvdL-yCjmlbs07VMH25zn-x6BSojap39FjvrNo7v7ySmIZUSQ==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BC4C 15 KB
6 KB 9ms
7ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CB3D 63 B
392 B 117ms
32ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:33 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CB3D 0
277 B 100ms
17ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:18:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame CB3D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

35 B
217 B

121ms
121ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUtQ2uNWNGiUv6BUidNjUHBzX9LcVxCp5GuGGn%2B5M3522EfGLafty%2F2pniQ2Rl5kJd8FOi7Q7nMjoMujuq04qSqRqBPQt2O4EpdQSM1CGY545vQkvObJvZMtG4%2FKNNHLKG19oYOoKNbxyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
cache-control: no-cache
cf-ray: 7730ea7d88b09189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame CB3D 43 B
351 B 121ms
37ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0ov9iukuakmaccpvp0vdeq6tgfop7kpu

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame CB3D
Redirect Chain

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

0
75 B

18ms
17ms

Image
text/plain

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

usersync
e.serverbid.com/ Frame CB3D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58671/occ
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

35 B
217 B

122ms
121ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
x.serverbid.com/ Frame CB3D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

35 B
217 B

92ms
92ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: a19088e1-04aa-44e7-851a-bf85c8029e73
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame CB3D 0
500 B 464ms
110ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-179
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 5F28 43 B
694 B 38ms
7ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: acf42525-002d-42d6-b08c-f59a199b609a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5F28 43 B
131 B 108ms
33ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 5F28
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

0
234 B

375ms
375ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: TyQO8ZlHkvIOy6JoMFDtatpEEaFNkmZm1_3NCiQPaQfxqtFoM1ZGEw==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5F28 70 B
264 B 40ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5F28 0
239 B 56ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame 5F28
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...

0
39 B

15ms
14ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 286
content-type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5F28 0
191 B 86ms
13ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 5F28
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

0
358 B

371ms
371ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: lKwm1hjLXKjwCA0ICVJ_k-7ufzGnKxqbRqcspPCtcq8BCSCSqjaA9Q==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 6DDC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

71ms
47ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f6e348ef4c5dd1c2f7b512bf6332535a2426f656e6f2bf3b0e9cec1ced2599

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d28459189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0%2FlqBZrrH2l7CL6NQKmK6Wapp3M%2FJaHLHc8mRZVebb4JorPlir23MsMhjUxL2m5geaJEJUM%2FxhsrKwlibe9qHHMcpAICqLvtbaMnnJzIpyhqHdZkd77RAqJi%2BJsF2nAavopDP5cBzc3cw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7ce9049136-FRA
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMLKLXihHUMOsYoAx1UNQTeaEz8UGSGzjOJ9LB16oPyRrb20C%2F%2BtgGBXV22aXAHywdpHWHgvuGnDQKrelQXzaNSvAx5YhmfOLwIUbXpdwoUxABgL%2BmCSTElFfdFX1SVlHFu7kopI3dM98w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 26ED
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
410 B

18ms
9ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3294 0
277 B 84ms
15ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:18:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame 3294
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

35 B
217 B

91ms
91ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z54fi7uD79yMuwcxck6qRR1fnU7QrEoa4hDVamHEyRDxsf10wm%2Bs2WX47NrwXGyDytIp0DkzKzFlUdeP5XQ7rSf2qhuUGqB0P2IjKRABCZdfU%2B6au15k8E%2B8g%2BMNZ8Cigd2Ln3%2BXgYNYAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
cache-control: no-cache
cf-ray: 7730ea7d88bd9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 3294 43 B
135 B 110ms
38ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: klv7nhaojnfkc2epaimvo0shq56rji0p

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 3294
Redirect Chain

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

0
75 B

20ms
18ms

Image
text/plain

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

usersync
e.serverbid.com/ Frame 3294
Redirect Chain

https://ups.analytics.yahoo.com/ups/58671/occ
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

35 B
217 B

94ms
92ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
x.serverbid.com/ Frame 3294
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

35 B
268 B

95ms
93ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: 8104dc18-2e79-4560-bc2b-6aafb87628c4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 3294 0
500 B 448ms
106ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-162
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C0B2 15 KB
6 KB 43ms
0ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 3294 63 B
391 B 103ms
33ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:33 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame CE28
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

0
234 B

421ms
381ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: udQOaZlHfa7zQJOFEPAp83h9Hywy-T7KP9XXWPVac75YAMXnMjZHLg==

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: c26edaf0-f7db-4c1d-a7d5-d86846ace6a7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CE28 43 B
120 B 95ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame CE28
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

0
233 B

374ms
373ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: AcolxsNWkXDQiw90ztQHdN9ZDf61KyNhOxReqoLFjKfg22wVPM3vZw==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CE28 70 B
264 B 67ms
23ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame CE28 0
239 B 56ms
7ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame CE28
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...

0
39 B

15ms
14ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
date: Fri, 02 Dec 2022 03:18:32 GMT
content-length: 286
content-type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame CE28 0
191 B 73ms
14ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame CE28
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

0
357 B

286ms
285ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: fS_Srqc2TJTJfK6LsOYMg4cf78ZqcmivK8rRPgfcJBCSyNH8_Dc_Yg==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 289F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

62ms
42ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ece9652e9d7255bf0ce6a3b5b1f71ef986864bcbd1b342a2e30602f1c52a98

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d28439189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5ec27OfxWSqWlWMULD2Yu0aCkMxj7LAjeBGwTUROGet7voHfuuaZH3y73yMQBJ2KiT1%2Bi2HGsrWfF5uSPA7j%2Fo%2F8acW0aN2ZV5cMx1DPZQZtYjkIfBI6cVsPeRVCpZGqnw%2FZwwVFNTfyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7ce9039136-FRA
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKgBn6ybb90Q1SXLmrePnmxnPbIy2UitKykHGRe9hWDciY7M4b0hkIXWsXvDEg0QoTz4DCDBuWv3d9KFLTHghdEOIup%2BgUmqcPgYUwLkXT%2FMf0bZiJeKZgpXa78XpMEBmnYvPAAEZQkveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 926F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
410 B

17ms
9ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame BFAF 0
277 B 70ms
14ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:18:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame BFAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

35 B
217 B

92ms
91ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QKMuH%2BsFeWtIi9tPB0VF3gC07joIozEJF7%2BNjarVFj%2Fo%2FsF5piVoEh9eCeOvRw7diwZVINgeySfHITVFCrZ3bph4IQulfX1WJBRJ49GopWk%2BnUPbWCAxeshDqYwvEELq70Ret0d6G19oA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
cache-control: no-cache
cf-ray: 7730ea7d88bc9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame BFAF 43 B
133 B 100ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: g8el2a2pk0qhe02cdf9f1ss8og41ko2v

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame BFAF
Redirect Chain

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

0
75 B

19ms
18ms

Image
text/plain

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

usersync
e.serverbid.com/ Frame BFAF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58671/occ
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

35 B
217 B

93ms
93ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
x.serverbid.com/ Frame BFAF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

35 B
217 B

97ms
91ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: 767da4d1-f079-4467-86ef-71778e44de3d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame BFAF 0
498 B 435ms
107ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-19
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 34D0 15 KB
6 KB 41ms
0ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame BFAF 63 B
391 B 93ms
37ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:33 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 4E73
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

0
235 B

310ms
283ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: K7pGPMPuddLJ_BrABwJ518HRbkj5Q4JhVozzSCHUDbwKWsUvpMvWgA==

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: c1cbb6c7-3284-4f2d-ba6e-f6fa4dfb2842
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4E73 43 B
120 B 82ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 4E73
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

0
233 B

375ms
374ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: zJ93ANqK9k-lrDKAxVOOJjr4mchdgTbuLcXSFv8hguaseS3smOGSIw==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4E73 70 B
264 B 72ms
25ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4E73 0
239 B 53ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame 4E73
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...

0
39 B

15ms
14ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:32 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
date: Fri, 02 Dec 2022 03:18:32 GMT
content-length: 286
content-type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4E73 0
191 B 61ms
15ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 4E73
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

0
356 B

375ms
375ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: kJeY8-_1_FVqi3o4uL819cPApHaRMj1fc66iyWFY_nPYu5e31LpKyA==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1848
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

65ms
49ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5fdab6ed996ced865743c7f428f1a3fb1ae494d551cd50cbd22cb4a3f612245

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d28469189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k77wiNWUMtzPacDzSmGJ%2F34ByDd6bH1gfBs1NMvGRJQ6%2BxQYobPD16MG2sovgVRrP%2BN8JTGjR55K3B7wX8VexpHRGRoF5eaNSy%2Bjn7zhagedPcsX9Ux1iDDn%2FKtDZKgDh6DDqNFE54YRAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7cf9179136-FRA
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4EFgq1W66bZPmb0ES7YJfvA4jGaixfhNfILbpMGThCRQ3R9jpcoWcgR0vYseBa%2BnThKWxyvv%2BjnEeSnTHxGTuStFKNFZ3TNtF66MAcl1GT8HIkRoEB8vlSK1x%2BzlNdI4BXWK%2FunWiIwtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame E925
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
410 B

18ms
10ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 16CB
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164

0
233 B

287ms
283ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: NUNWNyZvT_liMG5_PctwLrf4NLh1_-s664BYof-ar9UPL9C9oUqA1Q==

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: 5a0ec5e8-2079-4e47-b2cc-f4ad926afbfe
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 16CB 43 B
120 B 76ms
35ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 16CB
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A

0
233 B

375ms
375ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: 0XmHCBWwGyT5MksnsAo_7e1y2CkGIhr6ivF74hRv3foSTBl_QQM7EA==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-816QDrhE2uFu6qprXNayxxUYyLUH2maI~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 16CB 70 B
264 B 66ms
26ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 16CB 0
239 B 49ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ImgSync
image8.pubmatic.com/AdServer/ Frame 16CB
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...

0
39 B

15ms
15ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: /AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1
date: Fri, 02 Dec 2022 03:18:32 GMT
content-length: 286
content-type: text/html; charset=utf-8

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 16CB 0
191 B 54ms
14ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
usr.undertone.com/userPixel/ Frame 16CB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

0
357 B

375ms
372ms

Image
text/plain

13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: wWIDxKC45j2LBlbkHt39DgPrUN0JoU3fjFHz_dOmlbOXnjcmR2HobA==

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

44ms
37ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb7432036bcd0f946b6068d3cf8835e09ef6f33e4842c3bcf32170a6ae39ceb

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d38499189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7iC%2FKPCXgXyQDGvT5ziwtYUaV6i04xXuIWbiD6l4Fv7Bn5N7ZFgOPd%2BpdPQECXqBcIEaBq5Hrbze2V32uq7vzMsWxk8sFcq%2FSwU3dKiJ62dagzbhYmpsCvZNWRB8msWPnNwkwnb7ScgcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d092b9136-FRA
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqxPbwTkOy%2BDvpxbzy1S2qAShh7EUF%2FW7INEU%2FM%2B1JeBOdzA8%2Ft2sZ2fBwyDWxFcz7qzf4FHmhyFzwZ%2Bp2tE%2FlSzyCTCh%2FmPYUoa50eB%2FFRtlhhLdowNHqcqQJkcBPNskhEyKRBS%2BBandA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 64A8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
410 B

17ms
10ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "403b9-119-5ec73a0a33d00"
last-modified: Wed, 02 Nov 2022 02:30:44 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:18:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 8162 0
277 B 52ms
15ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:18:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame 8162
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

35 B
217 B

116ms
116ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grYgZtYplWLySNzLRpQ3SIammVML2TqARjmDWA5ncj0KONHhfVKGdkiwFvZG9ByTJh2MIztKjUOROnzP%2FZIKlfmmGCxSFF93wcL%2BFc7iazMJxy9a8%2Fgir%2BnLt8zL3FyGLAg4XV9g38MqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
cache-control: no-cache
cf-ray: 7730ea7db8e59189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 8162 43 B
134 B 74ms
39ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5fmgu2qr5jd8btgjkoldlo1ifijn3our

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 8162
Redirect Chain

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

0
75 B

19ms
17ms

Image
text/plain

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

usersync
e.serverbid.com/ Frame 8162
Redirect Chain

https://ups.analytics.yahoo.com/ups/58671/occ
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

35 B
217 B

94ms
92ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
x.serverbid.com/ Frame 8162
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

35 B
217 B

93ms
92ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: 14d75527-ba6e-4ceb-9dbc-6f0473b57640
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 8162 0
498 B 431ms
104ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-65
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4F0B 15 KB
6 KB 36ms
4ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 8162 63 B
391 B 66ms
32ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:33 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 0ABA 0
277 B 61ms
15ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:18:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

usersync
x.serverbid.com/ Frame 0ABA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177

35 B
217 B

117ms
117ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKNFkw%2FXDe%2B7w%2FtMAPYOCUHnJjJxoLzXYfJVO1MgTmUGadVqzKzTFjyazOTal%2FubDBAAZDDpHCPfFYlpVgVU0k5h2mMH4vII3excV%2FrQuSEAJ6gCjqeTPgzdMnzj%2FHejh3X0GZBnZZ664g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y4luiSbzMqW6Vu4hNukvCgAA%265177
cache-control: no-cache
cf-ray: 7730ea7db8ef9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 0ABA 43 B
133 B 68ms
38ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9l2n936d2nhin8cs0d3kuspehcd2jamt

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 0ABA
Redirect Chain

https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1

0
75 B

19ms
18ms

Image
text/plain

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

usersync
e.serverbid.com/ Frame 0ABA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58671/occ
https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A

35 B
217 B

93ms
93ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync
x.serverbid.com/ Frame 0ABA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164

35 B
217 B

93ms
93ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: 64bb98a5-9014-41b7-ad07-3fc6fcbc9b46
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 0ABA 0
498 B 431ms
105ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-25
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 01B8 15 KB
6 KB 30ms
5ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25330
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 0ABA 63 B
391 B 60ms
33ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:33 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A24E 3 KB
3 KB 194ms
16ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45845671&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a1a51477b290a60449cf98dbec908c5dbafcf9a9a1cd30303ef30a863f7f7579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame CC4D 54 B
510 B 33ms
33ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7d68919189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1X8PGbp26RMlLWyhXpMLZy%2BhDgwD48TRI0X8EIo%2B7ctbBddgKsr9srhAJfQrOw85aJVV7jcsMpwHktj%2Br5j%2BRdr4EnDVik0sUX%2Bk3kgjy6L9FXNddvMMAakWSOBJLUeG2k91%2BSxTCAoVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame A7AE 54 B
509 B 34ms
33ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7db8f89189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUZRfTpj9s33JfFx8dc9hPLn6iHFnXCDBQaAgy5AqzblWMPI7Vv3K88nq0bwj78ts%2FIwFnSN5kT2%2B%2BBadZvUvjFDSkYDjnzxMNYBRCE1VlXZT3F77fnu%2B%2B1R3gIFVHdt6LZPcLID0si2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame CF72 34 KB
10 KB 7ms
7ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 20:10:05 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=60727
content-length: 10067
expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 926F 34 KB
10 KB 7ms
7ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 20:10:05 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=60727
content-length: 10067
expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 26ED 34 KB
10 KB 9ms
8ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 20:10:05 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=60727
content-length: 10067
expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame E925 34 KB
10 KB 7ms
7ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 20:10:05 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=60727
content-length: 10067
expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 64A8 34 KB
10 KB 8ms
7ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 20:10:05 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=60727
content-length: 10067
expires: Fri, 02 Dec 2022 20:10:40 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 94B4 54 B
510 B 29ms
29ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7e09569189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62PGQV2nZyCngTiHy28qV9%2FSM5tZH5LzIZrd%2BD4x1%2FK%2FUiF%2F0eSaOR9HHIP8HBG8USawj6FfAOQnB%2Few5VmJK3w2nLrhH8mf5Ced0wggKqyjR8H2YiMN3n065t%2BuT8QpO04ZSedVTaEKwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBvPoxfuXbntwTgr37IaEjo&google_cver=1

43 B
841 B

53ms
27ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBvPoxfuXbntwTgr37IaEjo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A257vkT17v7lbOiEVA3I9tG1d1bACjJPOx421BYnEfqROMiMPdm8CwW6u9OOBV0CBtpbjlfDKnJ70AgJC3PByQLLnjJm8o6Odk4%2FqOglTyTDiOHbUwLKswFt5f%2BQueh6kvB4JQ2LjAUZZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7730ea802c2d9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBvPoxfuXbntwTgr37IaEjo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7BCE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&dcc=t

43 B
855 B

128ms
128ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S2VYTQ5YHWHNM1XHQE8M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C39B3B9RAWMRK0CTM53K
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7BCE 70 B
264 B 35ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYbhGyw7ZBRGk6nb4EuchE&google_cver=1

43 B
766 B

15ms
15ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYbhGyw7ZBRGk6nb4EuchE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYbhGyw7ZBRGk6nb4EuchE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 7BCE 0
0 44ms
15ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2a736389-6e8a-4d00-9477-ec38a71dfab0

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2a736389-6e8a-4d00-9477-ec38a71dfab0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2a736389-6e8a-4d00-9477-ec38a71dfab0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7BCE
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
AN-X-Request-Uuid: acf54457-e345-4bce-bbf5-cf146b4b80af
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame 7BCE 0
345 B 379ms
376ms Image
text/plain 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4luiUTgaSE1cAOo173A8gAABJYAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: 00BjwEIHY2mSa0QZPsQMoeiD9hNEe-1JqtKXUeOpp2pGmDW2o08-lg==

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 289F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKtBq0DvY2jYs_MKuqjdZvA&google_cver=1

43 B
766 B

34ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKtBq0DvY2jYs_MKuqjdZvA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKtBq0DvY2jYs_MKuqjdZvA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 289F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&dcc=t

43 B
855 B

124ms
124ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MNEF85VWN75D4KKRB42V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B6G95EX0YDARRNT6Q0PF
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 289F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiSURUpH_Jglvsd898AAABGoAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrQwMGcSSQcZJN_2desIL0&google_cver=1

43 B
847 B

53ms
26ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrQwMGcSSQcZJN_2desIL0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9IU6AdDqPx%2F%2FKAMcbhj6Yf6ZewD0AgbouyS6rtAxqp2e1YsxR%2FGsbsZMuTMeqFZU0tSA%2B49a3Qxm%2B6QCHBGXjFogFghQGxYOvYHDcJ4pEaSKr7z8fnWSoCNwPN%2BSuh3uW0%2FF3sym5E5JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7730ea802c2e9189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECrQwMGcSSQcZJN_2desIL0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 289F 70 B
264 B 35ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 289F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4luigAASP55PgAe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4luigAASP55PgAe&_test=Y4luigAASP55PgAe

43 B
766 B

21ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4luigAASP55PgAe&_test=Y4luigAASP55PgAe
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn4063-HHN
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669951114.220501,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4luigAASP55PgAe&_test=Y4luigAASP55PgAe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

crum
dsum.casalemedia.com/ Frame 289F
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92ab3b02-957f-5459-d5dea714

43 B
872 B

69ms
26ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92ab3b02-957f-5459-d5dea714
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WEnc%2BMo20UHawPsvslzbxBM6zhaMuoYv5Es%2B4PJ%2FC0MvmrKjIyeEQcQw3GJDtppzKR86zLeYUmvRPMrMulmbVyHodjUN40eqkgESryzQRoBDnXEg3VN4VZWLt%2ByEmjrCHfXfikl"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7730ea806fc3bba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92ab3b02-957f-5459-d5dea714
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 289F 0
0 46ms
18ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 289F
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QGsaA0A9GltbaERbTm0PCkJqG15baUEJQ2p0e5Zt

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QGsaA0A9GltbaERbTm0PCkJqG15baUEJQ2p0e5Zt
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QGsaA0A9GltbaERbTm0PCkJqG15baUEJQ2p0e5Zt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame 289F 0
347 B 377ms
376ms Image
text/plain 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4luiSURUpH_Jglvsd898AAABGoAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: 0C8o1odcQNBP8jU5IJ_qodaEw7lK5HL436TzAjZfSruQ6z3JSZpFcA==

GET
H2 200 Y4luiSURUpH_Jglvsd898AAABGoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F1C1 43 B
601 B 123ms
33ms Image
image/gif 2a05:d018:d29:3601:a6b1:a514:8d07:4a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y4luiSURUpH_Jglvsd898AAABGoAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:a6b1:a514:8d07:4a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164

43 B
766 B

10ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:33 GMT
AN-X-Request-Uuid: ebf6e266-e525-4ae1-9978-a0c815c1fd26
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=701414362275006164
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZrE7HEt0AAB9nYrBnyw&expiration=1671160714

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZrE7HEt0AAB9nYrBnyw&expiration=1671160714
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=491
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEZrE7HEt0AAB9nYrBnyw&expiration=1671160714
Date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2584608020424312419

43 B
766 B

27ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2584608020424312419
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2584608020424312419
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922768025980

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922768025980
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084922768025980
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
766 B

11ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3c5ed155-988a-0b1c-75b8a696

43 B
766 B

26ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3c5ed155-988a-0b1c-75b8a696
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3c5ed155-988a-0b1c-75b8a696
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F1C1
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=805e73c5-cc5e-479f-816f-e5a6e7cf9d9d

43 B
766 B

10ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=805e73c5-cc5e-479f-816f-e5a6e7cf9d9d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=805e73c5-cc5e-479f-816f-e5a6e7cf9d9d
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame F1C1 0
348 B 386ms
373ms Image
text/plain 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4luiSURUpH_Jglvsd898AAABGoAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: k9XJTVpv84rpfPRyQH8GwpNzyewtpDY1NrPPk_VCpyQpgH8dTZAxyg==

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 6DDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFVRRThmRsJQOeUzb8vhGg&google_cver=1

43 B
841 B

60ms
33ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFVRRThmRsJQOeUzb8vhGg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhT5q1GzpVjrFyZfQVecZLsraJx%2FkxJ4pmAr4wMavCRueh5hXVD3Or4ywE3fz9q73ufodXWA%2F9vOD2DBumlD6eDY4nNJDqDAMXrh4gGhi3T485eOf5CnBnW0lRBN9fUQRBkrDC6PHjsMSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7730ea803c329189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFVRRThmRsJQOeUzb8vhGg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6DDC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKd95Ao9_-wk_lE8ImT9v38&google_cver=1

43 B
766 B

14ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKd95Ao9_-wk_lE8ImT9v38&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKd95Ao9_-wk_lE8ImT9v38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6DDC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&dcc=t

43 B
855 B

116ms
115ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MSYAE5FF81BHPXJS9D3H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6WZXBMD1PDRQ15N06G3E
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6DDC 70 B
264 B 44ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 6DDC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219

42 B
942 B

41ms
37ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 83RVasLeQ8k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vseOvA74SQU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y4luiftvSxSp2wLsmBoPlwAA%261219
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6DDC
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D22DEA17278644C7860BF5818CA5ED2F

43 B
766 B

12ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D22DEA17278644C7860BF5818CA5ED2F
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D22DEA17278644C7860BF5818CA5ED2F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 01 Dec 2022 03:18:34 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6DDC
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=490
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 bridge
cm.adgrx.com/ Frame 6DDC 43 B
283 B 102ms
14ms Image
image/gif 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-7
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame 6DDC 0
347 B 388ms
376ms Image
text/plain 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4luiftvSxSp2wLsmBoPlwAABMMAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: ZWdWsLMGK1X8eNDxArcmOrOIfHaubuyc1CYCRXwmgU6U4F00Xa8big==

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1848
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&dcc=t

43 B
855 B

124ms
124ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QRRB2AAQHYT7NZ3K5FQ0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S0BX9YQKAF9JMPQ9S2WE
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1848 70 B
264 B 33ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1848
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKLzaQ8Hy9C7ZGltuMpMtyI&google_cver=1

43 B
844 B

32ms
31ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKLzaQ8Hy9C7ZGltuMpMtyI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCnu5eAGmhYFU3EEjwvyyu37JxQTdBti%2B1akJ%2Buak1XEBNeqsVbsMn253b5jE4AK%2FNu4ea7Mtajb8XbZFY%2BUVqSnYrK1jBYJdc8Zn4jl4m8yZ1T52n1UVDitPvCzbtVgfWIz9AF%2B6mgqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7730ea7ffc059189-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKLzaQ8Hy9C7ZGltuMpMtyI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1848
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4luiSbzMqW6Vu4hNukvCgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkrDEYzH-GtQabXnFvl3NM&google_cver=1

43 B
766 B

38ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkrDEYzH-GtQabXnFvl3NM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkrDEYzH-GtQabXnFvl3NM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1848
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1522284163619371211&expiration=1671123342

43 B
766 B

25ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1522284163619371211&expiration=1671123342
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1522284163619371211&expiration=1671123342
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1848
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y4luiSbzMqW6Vu4hNukvCgAA%265177
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=96a64b5b-a98f-497a-b448-977b3fd06b35-tucta82f40a

43 B
766 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=96a64b5b-a98f-497a-b448-977b3fd06b35-tucta82f40a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=96a64b5b-a98f-497a-b448-977b3fd06b35-tucta82f40a
date: Fri, 02 Dec 2022 03:18:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13660

GET
H2 200 bridge
cm.adgrx.com/ Frame 1848 43 B
282 B 101ms
15ms Image
image/gif 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-7
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1848 43 B
600 B 43ms
33ms Image
image/gif 2a05:d018:d29:3601:a6b1:a514:8d07:4a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:a6b1:a514:8d07:4a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
usr.undertone.com/userPixel/ Frame 1848 0
347 B 386ms
377ms Image
text/plain 13.225.78.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-55.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:33 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: 20_rIVV2yWfYUSyyrV81tMqSf4MdLpGS3hn0VNx6VtTWa_XFXGuo5g==

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 47A0 54 B
510 B 30ms
29ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7e6a249189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLVR11apxlxtAKkl%2BUZuYHNeHuFfgIWXyN4wch%2BEbl9l%2FDv8pGgEHDk4FxlVQnsBixYIcRtPaxl3SZk2FLvwY73c8kG4BhNhGS%2BGoE6pqrb5QNckG%2FOk%2BKyk8dDUD4bq9AB0jLm7IPCn7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame AB6B 3 KB
1 KB 21ms
19ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 286
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7730ea7e78b99b43-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 07:18:33 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 chunk-9.72819ecd3d539b71bdd0.1669844686840.js Show response
koel.com/public/dist/chunks/ 3 KB
1 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-9.72819ecd3d539b71bdd0.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

566890c99dbf82bc4df8e134197fecf1710fc93c2ade3807c4428dc4402c7977

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25439
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1191
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/67C1)
etag: W/"cdd-184cf518ee2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 3448307512 3448021681
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 200 chunk-13.160551b2c398e9d58ab7.1669844686840.js Show response
koel.com/public/dist/chunks/ 28 KB
7 KB 8ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-13.160551b2c398e9d58ab7.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) / Express

Resource Hash

f4c8a83f4ab8a70efeab8829002047911d2c9b1269216b284de3f0e9235dd2b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25439
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7334
last-modified: Thu, 01 Dec 2022 20:12:18 GMT
server: ECS (frb/67BD)
etag: W/"70c2-184cf518a5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582466026 2582181422
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2 200 chunk-2.158fab88e994fe9c9286.1669844686840.js Show response
koel.com/public/dist/chunks/ 573 B
672 B 7ms
7ms Script
application/javascript 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/public/dist/chunks/chunk-2.158fab88e994fe9c9286.1669844686840.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) / Express

Resource Hash

31e4f128d68318fa4bcff974582aa7cf4b5e3cc1c0630afab50e89ae68ab79bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish
age: 25439
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 573
last-modified: Thu, 01 Dec 2022 20:12:19 GMT
server: ECS (frb/67DF)
etag: W/"23d-184cf518f81"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 2582466099 2582181424
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
dpm.demdex.net/ Frame CB3D
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

42 B
942 B

52ms
32ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-083f91df3.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0fv5N+4aReo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 02 Dec 2022 03:18:33 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 010d4510-71f0-11ed-ba57-0a411104c455
Instance-id: i-01b4edf9cb93554cd
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 67E5 402 B
989 B 199ms
48ms Document
text/html 52.51.35.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
Instance-id: i-07061d14cac67e2b2
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: 010c81c0-71f0-11ed-bcef-0a82efd10d99
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
dpm.demdex.net/ Frame 3294
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

42 B
942 B

32ms
31ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0780584f2.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vQucv5IARh4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 0111b1e0-71f0-11ed-9277-0ab92d7a5d8d
Instance-id: i-0ded493f84cf11377
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 6606 402 B
992 B 199ms
49ms Document
text/html 52.51.35.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
Instance-id: i-00df700484dbcc434
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: 010ccfe0-71f0-11ed-b15f-02c073bf91c7
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
dpm.demdex.net/ Frame BFAF
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

42 B
942 B

32ms
32ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0314701ba.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Qz074cQmTC8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 01181a80-71f0-11ed-b756-0248d5c7ca91
Instance-id: i-00fc496d87c642670
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame D8BF 402 B
991 B 199ms
52ms Document
text/html 52.51.35.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
Instance-id: i-078ae37c431b5cb98
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: 010ca8d0-71f0-11ed-a233-0aefcc5717e3
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
dpm.demdex.net/ Frame 8162
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

42 B
942 B

31ms
31ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gstp4DViQlE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 011868a0-71f0-11ed-93b3-0691d9b43dd1
Instance-id: i-0444e429d0c8d3764
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame B3A2 402 B
992 B 192ms
50ms Document
text/html 52.51.35.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:33 GMT
Instance-id: i-09c0a0d256b235cad
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: 010ccfe0-71f0-11ed-b1bb-0225caaf6de9
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
dpm.demdex.net/ Frame 0ABA
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

42 B
942 B

63ms
30ms

Image
image/gif

52.30.42.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Server

52.30.42.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-42-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0ff225fd5.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9Ao1fuJiQ7c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 0118ddd0-71f0-11ed-ab84-0641e1bc018f
Instance-id: i-03058b2bd716517ed
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=b2763e32b81177deda572a3958dca8a0
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 7F97 402 B
992 B 204ms
62ms Document
text/html 52.51.35.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by: Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.35.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-35-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 03:18:34 GMT
Instance-id: i-0d7fdb6927624903b
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: 010cf6f0-71f0-11ed-a70b-06edf25f6733
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 9934
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=

35 B
467 B

43ms
31ms

Document
image/gif

37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2AD3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&gdpr=0&gdpr_consent=

42 B
554 B

137ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 02 Dec 2022 03:18:34 GMT
Expires: Fri, 02 Dec 2022 03:18:33 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master zrh-pixel-x30 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4BC8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8798324505300909231

42 B
195 B

25ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8798324505300909231
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8798324505300909231
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D71F 43 B
363 B 224ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:18:33 GMT
expires: Fri, 02 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 619310
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 4B86
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

196ms
190ms

Document
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 02 Dec 2022 03:18:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZW61CMTASA0M65E69BQ4

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 02 Dec 2022 03:18:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=220CBF35-2E8B-4960-BD57-56E253BFEDE6&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8NVZQMTFAGGK3AHHYWE5

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CC1F
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=701414362275006164&gdpr=0&gdpr_consent=

42 B
216 B

146ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=701414362275006164&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: ad8b2d5a-26a5-4f88-a460-06d76dccf83f
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 03:18:34 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=701414362275006164&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 803B
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL

42 B
570 B

81ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0459
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172385420552108171&gdpr=0&gdpr_consent=

42 B
218 B

104ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172385420552108171&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 02 Dec 2022 03:18:34 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7172385420552108171&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A24E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Igy_NS6LSWC9V1biU7_t5g%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

7ms
7ms

Image
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=25329
accept-ranges: bytes
content-length: 5549
expires: Fri, 02 Dec 2022 10:20:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A24E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a736389-6e8a-4d00-9477-ec38a71dfab0

0
260 B

105ms
17ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a736389-6e8a-4d00-9477-ec38a71dfab0
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 02 Dec 2022 03:18:34 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2a736389-6e8a-4d00-9477-ec38a71dfab0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/ Frame A24E
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=220CBF35-2E8B-4960-BD57-56E253BFEDE6&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
265 B

112ms
28ms

Image
image/gif

54.77.35.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol: H2
Server: 54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.70
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A24E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjIwQ0JGMzUtMkU4Qi00OTYwLUJENTctNTZFMjUzQkZFREU2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A24E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdBcErCzocUEvXKhCDig3Q&google_cver=1

42 B
299 B

23ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdBcErCzocUEvXKhCDig3Q&google_cver=1
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJdBcErCzocUEvXKhCDig3Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A24E 43 B
409 B 22ms
16ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 01 Dec 2022 03:18:34 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A24E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1522284163619371211

42 B
297 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1522284163619371211
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1522284163619371211
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A24E 70 B
264 B 37ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame C6A3 54 B
505 B 51ms
36ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&d=https%3A%2F%2Fkoel.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7730ea7f9b779189-FRA
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i7RkaqbNaj5A%2FyIq9ickgICAHEZPpY8s%2FdSH2qxz24cYZREtX5dKLi2t9Fh29tIFmXlsYgikCySOgc%2BG512XSk1g2cztuobgTAqGTH0wCOhIFB8uy%2Blk3gqHOFAbyExH2FS7C28Wps5Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 cogitoergosum Show response
koel.com/rest/high/api/ 22 B
91 B 113ms
102ms Fetch
application/json 192.229.233.217
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://koel.com/rest/high/api/cogitoergosum

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.217 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
server: nginx
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
content-length: 22
expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H3 200 like.php Show response
web.facebook.com/v2.8/plugins/ Frame 2A9D 0
23 B 45ms
32ms Document
text/html 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v2.8/plugins/like.php?action=like&app_id=211345320604558&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f4c1cc9a47128%26domain%3Dkoel.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkoel.com%252Ff11cb4283ffd77%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: pZUmTg+W9vI4wqFtJnqdd7ZTnGF5oaMn7KXsJJ6dptQ/OlP3/VgdEbf/JB9Tb938ynUqCSfq3JFCRB5v/3Jmsw==
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
37ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-45670496-5&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=1416915950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
38ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-19109753-1&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=2089483633

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-45670496-1&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=1563123877

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
39ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-28825804-3&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=794329648

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-45260060-2&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=507091402

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1672088339&t=event&_s=2&dl=https%3A%2F%2Fkoel.com%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&dp=%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&ul=en-us&de=UTF-8&dt=Did%20You%20Know%20Squatters%20Can%20Claim%20Rights%20To%20Your%20Property%20In%20Iowa%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=891846839.1669951109&tid=UA-180756957-12&_gid=1552451735.1669951109&_av=2.4.1&_au=20&did=i5iSjo&z=2104336922

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 02:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attachment-100.png
townsquare.media/site/672/files/2022/01/ 19 KB
19 KB 10ms
8ms Image
image/png 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/672/files/2022/01/attachment-100.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Saint Joseph, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

d0689b2ea0ed0f1e9917015b8a55c75c69366ad7a1c354ee324e1ed692e82762

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish
age: 26545513
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19524
last-modified: Fri, 28 Jan 2022 21:33:17 GMT
server: ECS (frb/67BC)
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-varnish: 2156031660 2155373530
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:18:33 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 118ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:11:27 GMT
x-content-type-options: nosniff
age: 554827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 17:11:27 GMT

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 67E5 9 KB
9 KB 9ms
8ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:47:34 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 81059
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: s2MakS6wQtp3EbzlF8XM4I_0kVhdjhFwOIZ74yObHd1t69ncohpS7g==

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 6606 9 KB
9 KB 13ms
7ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:47:34 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 81059
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: UUS-GLAiOd0s0WcTIY77MG4mRzKC2Vn81qCeYvGVLGkQ0zvgegQgTg==

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame B3A2 9 KB
9 KB 7ms
7ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:47:34 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 81059
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: 09egtoy1By5kNo3LVDR8W2mDnZVGjKKiCe_SUQrFIV-8qAUR41Ebbw==

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame D8BF 9 KB
9 KB 7ms
7ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:47:34 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 81059
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: PKSdvlPM56oMfxM6S4lkv-XOTLp0NWAeua1yOKo_Yn54ZaMUAf7PBA==

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 7F97 9 KB
9 KB 7ms
7ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://synchroscript.deliveryengine.adswizz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:47:34 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 81059
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: pYyG0GoQ8NIlPZ3LTLGcZSZoXYaRNSL85FcSCs07nALvg312tmTFGg==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 360ms
15ms Preflight
application/json 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://koel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 445465
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 4A45 49 B
102 B 753ms
378ms XHR
application/json 2600:1901:0:8344::

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4A45
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=aFC7SXxHMXoxQjkyQm5QcFlRclFBL2JiV3d5Vm9ud3Y4Vm5EcEdySlhjaHhBTGx5RXBYUnVoVHViNmxDeXFocStNUElsbHlzZUZmbjM3Y0tzT3VsaTJSc21pMjlndHVCUm9KOWRLZ0JSMnBtK3UyRjZnYU9YSEJOeGJzT0...

357 B
649 B

44ms
16ms

XHR
application/json

178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aFC7SXxHMXoxQjkyQm5QcFlRclFBL2JiV3d5Vm9ud3Y4Vm5EcEdySlhjaHhBTGx5RXBYUnVoVHViNmxDeXFocStNUElsbHlzZUZmbjM3Y0tzT3VsaTJSc21pMjlndHVCUm9KOWRLZ0JSMnBtK3UyRjZnYU9YSEJOeGJzT01JM2l1UnQxMDVXZ1BOYmRKQUVrMzYyeUdVRjlSOXJUOEJCaXFjTXhhTGhrdm5reHJ1V3crdWlDekpvYi9BemtIeXV6UHZjckg2b2QweGpIZFo2SC9HMWlFbldnQkZaRnlJOUNZdVdvOHlnMFJwMHFqUUpJPXw&cppv=2

Protocol

Server

178.250.2.146 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

33917e9ee1a2b0b9d95c2c7117fb2af90e2cee7b023655b97462c42fab1c8765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1135465
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=aFC7SXxHMXoxQjkyQm5QcFlRclFBL2JiV3d5Vm9ud3Y4Vm5EcEdySlhjaHhBTGx5RXBYUnVoVHViNmxDeXFocStNUElsbHlzZUZmbjM3Y0tzT3VsaTJSc21pMjlndHVCUm9KOWRLZ0JSMnBtK3UyRjZnYU9YSEJOeGJzT01JM2l1UnQxMDVXZ1BOYmRKQUVrMzYyeUdVRjlSOXJUOEJCaXFjTXhhTGhrdm5reHJ1V3crdWlDekpvYi9BemtIeXV6UHZjckg2b2QweGpIZFo2SC9HMWlFbldnQkZaRnlJOUNZdVdvOHlnMFJwMHFqUUpJPXw&cppv=2
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 594668
content-length: 0
expires: 0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ Frame 4A45 216 B
618 B 9ms
8ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

58151778538b39d1e5d4ed793dbc29393160231ddfedd97cca2e2498b6d887ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame 4A45 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 4A45 43 B
312 B 54ms
29ms XHR
application/json 54.77.35.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://koel.com
cache-control: no-cache
x-server: 10.45.25.112
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 4A45 63 B
384 B 33ms
32ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 50a0cc4bc41221e19f542cda95e4fd5b267fb9a20bcfaed7a2774e387f453d7f

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:34 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 347ms
15ms Preflight
application/json 2a02:2638:1::13

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://koel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 451591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 1E85 49 B
291 B 479ms
117ms XHR
application/json 2600:1901:0:8344::

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://koel.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1E85
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkoel.com%2F&domain=koel.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=scnDN3xjQVFMbVpodkpiUitmQ3lyTE5xQVZYbU83K1dNa3JlaUpDQmRyNlRKWkxxUUlENUlEV0VENzk0RkJLdGJ2S2RaRDZ3T3ZieEt5VGswRGNVWDVhRWZsTXRNT1BENXhsVjlpM0svb3l1SkljdWhzOGlLQnJWZDAzek...

349 B
642 B

44ms
16ms

XHR
application/json

178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=scnDN3xjQVFMbVpodkpiUitmQ3lyTE5xQVZYbU83K1dNa3JlaUpDQmRyNlRKWkxxUUlENUlEV0VENzk0RkJLdGJ2S2RaRDZ3T3ZieEt5VGswRGNVWDVhRWZsTXRNT1BENXhsVjlpM0svb3l1SkljdWhzOGlLQnJWZDAzek1ZRnY1RklDcVBmNzZNbmtON2owcnZJSnJYcjE3ek1vbVh4S3RUSUM4OVN5b3JuRmttN21EbnhESU9NbTU1L3pMQ0dzYzNKSXlJRXJsT0x6b3JkVFVITzNwRW5tSjRmejBBUVhJRUJZZ000WFNiVzZ6STRJPXw&cppv=2

Protocol

Server

178.250.2.146 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

de252210d3f104d098f0da4bffd392c2d9c0ec6fb9ef8b899e1641e695fa731d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1025754
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=scnDN3xjQVFMbVpodkpiUitmQ3lyTE5xQVZYbU83K1dNa3JlaUpDQmRyNlRKWkxxUUlENUlEV0VENzk0RkJLdGJ2S2RaRDZ3T3ZieEt5VGswRGNVWDVhRWZsTXRNT1BENXhsVjlpM0svb3l1SkljdWhzOGlLQnJWZDAzek1ZRnY1RklDcVBmNzZNbmtON2owcnZJSnJYcjE3ek1vbVh4S3RUSUM4OVN5b3JuRmttN21EbnhESU9NbTU1L3pMQ0dzYzNKSXlJRXJsT0x6b3JkVFVITzNwRW5tSjRmejBBUVhJRUJZZ000WFNiVzZ6STRJPXw&cppv=2
access-control-allow-origin: https://koel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 503784
content-length: 0
expires: 0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ Frame 1E85 216 B
618 B 10ms
9ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

161902d6e1d4e0d84d36834081de8084c12f706d7120833675d298a42c860959

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koel.com
date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 1E85 43 B
311 B 75ms
61ms XHR
application/json 54.77.35.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://koel.com
cache-control: no-cache
x-server: 10.45.1.85
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 1E85 63 B
384 B 33ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 50a0cc4bc41221e19f542cda95e4fd5b267fb9a20bcfaed7a2774e387f453d7f

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koel.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 01 Jan 2023 03:18:34 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E2A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECNEIecdz-POUloKDu-te_Y&google_cver=1

0
239 B

8ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECNEIecdz-POUloKDu-te_Y&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECNEIecdz-POUloKDu-te_Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1WFJVV1EtSC00WTBM

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1WFJVV1EtSC00WTBM

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI1WFJVV1EtSC00WTBM
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E2A0 70 B
264 B 35ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E2A0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7EcZT_t2S061zlkJY0G1oQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7EcZT_t2S061zlkJY0G1oQ

43 B
479 B

34ms
33ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7EcZT_t2S061zlkJY0G1oQ

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QGMAPWC601HCWH860BEY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7EcZT_t2S061zlkJY0G1oQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E2A0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5XRUWQ-H-4Y0L

0
705 B

332ms
189ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5XRUWQ-H-4Y0L
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2A71F47FD8CA4DD6B121726F4B5C7B34 Ref B: FRAEDGE1511 Ref C: 2022-12-02T03:18:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuz8r8fduepTaoP3/dlg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB5XRUWQ-H-4Y0L
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E2A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/4CuGU8w2wdrgRul-uV_BEw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XyQC3RBE2oLLycF0nWZRkNGMeAdDUBuYqfJ01w--~A

0
239 B

8ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XyQC3RBE2oLLycF0nWZRkNGMeAdDUBuYqfJ01w--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 02 Dec 2022 03:18:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XyQC3RBE2oLLycF0nWZRkNGMeAdDUBuYqfJ01w--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NDk3N2VlNjZlNTY5NWIyNWU5MzUxMjM0NzI5OTI3YTQ2MThmYg

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NDk3N2VlNjZlNTY5NWIyNWU5MzUxMjM0NzI5OTI3YTQ2MThmYg

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:18:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NDk3N2VlNjZlNTY5NWIyNWU5MzUxMjM0NzI5OTI3YTQ2MThmYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E2A0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qK87cqAiTnyI4yJp23FE9g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qK87cqAiTnyI4yJp23FE9g

43 B
479 B

112ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qK87cqAiTnyI4yJp23FE9g

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:18:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CD96K22AYJ0GYMN0BC06
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qK87cqAiTnyI4yJp23FE9g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 json Show response
trc.taboola.com/townsquaremediatsm-koel/trc/3/ 18 KB
7 KB 123ms
114ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/townsquaremediatsm-koel/trc/3/json?tim=03%3A18%3A34.510&lti=cloudinary_test_beacon_var&data=%7B%22id%22%3A766%2C%22ii%22%3A%22%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669916640603%2C%22vi%22%3A1669951114507%2C%22cv%22%3A%2220221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22koel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A9469%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fkoel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F%3Ffr%3Doperanews%22%2C%22vpi%22%3A%22%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A25534%2C%22qs%22%3A%22%3Ffr%3Doperanews%22%2C%22nsid%22%3A%22townsquaremediatsm-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-below%3Apub%3Dtownsquaremediatsm-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A24102.59375%2C%22mw%22%3A730%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-rr%3Apub%3Dtownsquaremediatsm-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A472%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2CBelow%20Article%20Thumbnails%3Dthumbnails-below%3Apub%3Dtownsquaremediatsm-network%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Apub%3Dtownsquaremediatsm-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22cloudinary_test_beacon_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a87b2dc06e8eb6274176f0aa3b638fc2a57a6557f8bbf55ca2f3cd6c63014432

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 107
date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4063-HHN
server: nginx
x-timer: S1669951115.523299,VS0,VE107
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://koel.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame CF72 0
239 B 8ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LB5XRUWQ-H-4Y0L
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tb Show response
15.taboola.com/ 4 KB
3 KB 45ms
26ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=townsquaremediatsm-koel&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=&cisrf=&cirf=koel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&encoded=1&uid=26558dea-30fa-4353-9532-6f9d532d949d-tucta82f40a&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1669951114689&tagid=&cntry=DE&platform=1&sesid=b752113fcbbb1871b554d35979599068&itemid=/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa&viewid=1669951114507&geolat=&geoing=&deviceifa=&appid=&sd=v2_b752113fcbbb1871b554d35979599068_26558dea-30fa-4353-9532-6f9d532d949d-tucta82f40a_1669951114_1669951114_CNawjgYQyYtaGIua34bNMCABKAEwODib4wlAofErSIK22QNQp-wQWAFgAGid-PXeqq3G4UxwAA&ri=ed5f95d656661e6b7289725af7a55812&appname=&cdb=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&gdprApplies=true&rid=&sii=-1339141667094298809&oee=true&tpubid=1476041&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BB&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1475459&prcnt=&layer=&normp=7&gvv=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d695c72671d8c0db9ce22193623d1649af3a2b4077b8a5102bde5796a2408e39

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1482
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4063-HHN
pragma: no-cache
server: nginx
x-timer: S1669951115.718724,VS0,VE12
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://koel.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.es6.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fbca1af120ab91717f4ea8eb685f467af023b15f56378481b855427af5da08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: OghohIjDFIeQgS3Au5tTZZydFIXEhx2B
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Dec 2022 03:18:34 GMT
x-amz-request-id: WCKEH269FX8MCGDQ
age: 57
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5464
x-amz-id-2: r0XNr2oT3UhMt2qJPcVULXNgqlXuFugJi45Mun3M5xTnh2YSlJXOitKwL7KjHu37hs5qgLQUadQ=
x-served-by: cache-hhn4063-HHN
last-modified: Tue, 29 Nov 2022 17:14:54 GMT
server: AmazonS3
x-timer: S1669951115.694061,VS0,VE1
etag: "ec5c0dcf64c3461eb964f60ea78e0a36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta-component.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 28ms
28ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.es6.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ac496ebee19f79453218fb5515599fe4c6ad62b18fd2f6fb190629d4f2787c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: bV_cPPveWG2Cs51LyxyvrefpDaDCP__u
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Dec 2022 03:18:34 GMT
x-amz-request-id: DRA9QTPEEG58EJNM
age: 53
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5175
x-amz-id-2: eVSciP6acpjUusywB2ABGU9rV6Speogy5y+khm0G604DIEZx7w9alyYygckwvlb+YfaGojcnaP8=
x-served-by: cache-hhn4063-HHN
last-modified: Tue, 29 Nov 2022 17:13:26 GMT
server: AmazonS3
x-timer: S1669951115.718778,VS0,VE1
etag: "ae94ba51220eba84d1c74873a1202518"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 4 KB
3 KB 29ms
25ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=townsquaremediatsm-koel&unitType=226&tbloc=&pageType=text&pstn=Right%20Rail%20Thumbnails&uuip=&cisrf=&cirf=koel.com%2Fixp%2F726%2Fp%2Fdid-you-know-squatters-can-claim-rights-to-your-property-in-iowa%2F&encoded=1&uid=26558dea-30fa-4353-9532-6f9d532d949d-tucta82f40a&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback2&cb=1669951114704&tagid=&cntry=DE&platform=1&sesid=b752113fcbbb1871b554d35979599068&itemid=/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa&viewid=1669951114507&geolat=&geoing=&deviceifa=&appid=&sd=v2_b752113fcbbb1871b554d35979599068_26558dea-30fa-4353-9532-6f9d532d949d-tucta82f40a_1669951114_1669951114_CNawjgYQyYtaGIua34bNMCABKAEwODib4wlAofErSIK22QNQp-wQWAFgAGid-PXeqq3G4UxwAA&ri=12a1be2747bcdbe0980087c5d63115bb&appname=&cdb=CPjXIAAPjXIAAAXADAENCtCgAAAAAH_AAAAAAAASVAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCAlsqEEoLpDTCAKssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIT0AAA.YAAAAAAAAAAA&gdprApplies=true&rid=&sii=-1339141667094298809&oee=true&tpubid=1476041&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BB&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1475459&prcnt=&layer=&normp=7&gvv=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cde0e6c7b303b596f94f320da702a5ce121b3926845f9aa95c373d9e4ca97f0

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 02 Dec 2022 03:18:34 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1482
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4063-HHN
pragma: no-cache
server: nginx
x-timer: S1669951115.718759,VS0,VE11
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://koel.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 8b2c3629b48c223ef378e079bb16dcda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
21 KB 32ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b2c3629b48c223ef378e079bb16dcda.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b8e7341e98e766035311162b83b9d0ce740423d983137026ac3acbba1864653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b2c3629b48c223ef378e079bb16dcda.jpg
age: 5664950
edge-cache-tag: 353731689933732867918532423341708278778,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 353731689933732867918532423341708278778,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 36
req-referer: https://apnews.com/
content-length: 21148
x-request-id: 3d9bdda0bc59e52ab5fdccf3405a2886
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kcgs7200042-IAD, cache-lax10658-LGB, cache-iad-kiad7000050-IAD, cache-hhn4063-HHN
last-modified: Sat, 10 Sep 2022 16:13:19 GMT
server: nginx
x-timer: S1669951115.763510,VS0,VE1
etag: "db903dc34239cdcd929289f9fe614d55"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 733, 1

GET
H2 200 1283532143__feL0z11S.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/ 21 KB
22 KB 31ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1283532143__feL0z11S.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 07ee86697b15aff9107cf305ca9980df8c9bcf47b4989cd9a115ab6b3fcc8707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1283532143__feL0z11S.jpg
age: 306651
edge-cache-tag: 590749258823518116372391888247674630713,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 590749258823518116372391888247674630713,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 989
req-referer: https://eu.usatoday.com/videos/news/politics/2022/11/06/barack-obama-biden-stump-fetterman-shapiro-pennsylvania-rally/8287218001/
content-length: 21936
x-request-id: fbe36987de5fd17e8a2ec24b2e8f163d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kcgs7200105-IAD, cache-bur-kbur8200096-BUR, cache-iad-kcgs7200066-IAD, cache-hhn4063-HHN
last-modified: Fri, 25 Nov 2022 18:23:50 GMT
server: nginx
x-timer: S1669951115.763486,VS0,VE1
etag: "dd8a41c8bae665fb4922e493108c14d2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 7b24a810ed060227f63ec3f35e29b305.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 29ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b24a810ed060227f63ec3f35e29b305.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 681552741ee7e0fbf46b78178b261f6bb053cac31e653ad5c9968a9c762a2b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b24a810ed060227f63ec3f35e29b305.jpg
age: 3864697
edge-cache-tag: 458718344708137160398127445426693447895,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 458718344708137160398127445426693447895,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
req-referer: https://naviniigata.com/
content-length: 5982
x-request-id: 526a7a3c02c164396b0b99ef08540a4e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kcgs7200155-IAD, cache-bur-kbur8200023-BUR, cache-iad-kcgs7200095-IAD, cache-hhn4063-HHN
last-modified: Wed, 12 Oct 2022 03:25:46 GMT
server: nginx
x-timer: S1669951115.763023,VS0,VE1
etag: "9cdb6472cdb6dcdef477362870660c9c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 56, 1

GET
H2 200 d11e69527900526bfdd1a4a5fe8b92af.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 32ms
12ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d11e69527900526bfdd1a4a5fe8b92af.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 276ef237558b89c41c16ff51fe09551269ffe41f8bf49abdfa548b146b21655b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d11e69527900526bfdd1a4a5fe8b92af.jpg
age: 1437270
edge-cache-tag: 578770920740751671729734879316777692776,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578770920740751671729734879316777692776,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 1602
req-referer: https://programmerall.com/
content-length: 11686
x-request-id: 759036301e71d331dd620243d3d7042c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100088-IAD, cache-chi-kigq8000126-CHI, cache-iad-kiad7000087-IAD, cache-hhn4063-HHN
last-modified: Mon, 31 Oct 2022 20:56:46 GMT
server: nginx
x-timer: S1669951115.763594,VS0,VE1
etag: "f5c6ed1218c6cd341b22d7808e65b849"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 17, 1

GET
H2 200 654cdfc5aa8fed97d4232e8a2dedc01f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 29ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/654cdfc5aa8fed97d4232e8a2dedc01f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14161be0203f67567da81017cb9f3e10ed4e581012a5137c023f70e0a37dd535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/654cdfc5aa8fed97d4232e8a2dedc01f.jpg
age: 2458607
edge-cache-tag: 627161162122358055162779345712489010522,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627161162122358055162779345712489010522,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 119
expiration: expiry-date="Wed, 09 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tierce-magazine.com/
content-length: 8650
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kiad7000172-IAD, cache-lga21971-LGA, cache-iad-kjyo7100029-IAD, cache-hhn4063-HHN
last-modified: Sun, 09 Oct 2022 21:55:34 GMT
server: nginx
x-timer: S1669951115.763567,VS0,VE1
etag: "d4094b62362f2cf2eb8e8b89f18d2de6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 75, 1

GET
H2 200 2703c51668ad7ad95491deafbd0b7da5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 47ms
28ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2703c51668ad7ad95491deafbd0b7da5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f1654b6f99957a156765045a776c317ea66f4d572b7849689a9ade6b9f9a094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 5
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2703c51668ad7ad95491deafbd0b7da5.png
age: 524431
edge-cache-tag: 362171042209468751914751249677352257072,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 362171042209468751914751249677352257072,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1055
req-referer: https://ventidisport.it/
content-length: 12288
x-request-id: 1f4d2b5d2aac8208f39d939d9a68adf2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200088-IAD, cache-iad-kjyo7100037-IAD, cache-lga21931-LGA, cache-iad-kjyo7100028-IAD, cache-hhn4063-HHN
last-modified: Fri, 25 Nov 2022 23:21:43 GMT
server: nginx
x-timer: S1669951115.763536,VS0,VE5
etag: "63e5e51c0e7e4dd5992752cdb0503758"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_227%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 20ms
17ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_227%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf7dab29e527c13124d1a51acfb6c8022fdfda813bf78a44cdefcae43917eb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_227%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
age: 2110845
edge-cache-tag: 450265650731705506805175281380931797211,629759284526009256732382151293881458785,29ecf9b93bbf306179626feeda1fab70
cache-tag: 450265650731705506805175281380931797211,629759284526009256732382151293881458785,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 203
expiration: expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.xxlmag.com/
content-length: 30636
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kjyo7100054-IAD, cache-bur-kbur8200111-BUR, cache-iad-kiad7000149-IAD, cache-hhn4063-HHN
last-modified: Sat, 15 Oct 2022 02:23:59 GMT
server: nginx
x-timer: S1669951115.777370,VS0,VE1
etag: "ff8a09c016e9cd0378804fb12edeacb1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 219, 1

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ 79 KB
24 KB 15ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
age: 1135430
x-cache: Hit from cloudfront, HIT
content-length: 23743
x-served-by: cache-hhn4063-HHN
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
server: AmazonS3
x-timer: S1669951115.763766,VS0,VE0
etag: "b683c290896a82c974838a04b4ea4aff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: C4R9R7XW4kSXTM9OXRCYXsa_zVnNRpfIq6rfXyXOw8u_k6ziy8EtOQ==
x-cache-hits: 192

GET
H2 206 bnxkzz7fnkhdb8rvlqrj.mp4
cdn.taboola.com/libtrc/static/video/v1662122711/ 866 KB
867 KB 11ms
10ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1662122711/bnxkzz7fnkhdb8rvlqrj.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255e1c0bec3598637ff1b039c315b16e8c34192e83adee4604c8b61e5ac68e20

Request headers

Referer: https://koel.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: g1i_A3OLgYo9_JLt9extDAL7vK14TM.7
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish
x-amz-request-id: KZ9HDT5NHQJYNABB
age: 59
x-cache: HIT
Content-Range: bytes 0-886903/886904
x-amz-replication-status: COMPLETED
Content-Length: 886904
x-amz-id-2: J6e3xjli0zZi+fE521y8y4l8/vMYMbYxmNjUexUqapN8Yo94/yqZ37z2FEwsHqcpX3mZGS4rTUKUESg6eE1ZwQ==
x-served-by: cache-hhn4063-HHN
last-modified: Fri, 02 Sep 2022 12:45:18 GMT
server: AmazonS3
x-timer: S1669951115.765829,VS0,VE1
etag: "f24f1c81b3f01dae200f3c7c6c1a4783"
content-type: video/mp4;codecs=avc1
abp: 6
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b2c3629b48c223ef378e079bb16dcda.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b8e7341e98e766035311162b83b9d0ce740423d983137026ac3acbba1864653

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b2c3629b48c223ef378e079bb16dcda.jpg
age: 5664950
edge-cache-tag: 353731689933732867918532423341708278778,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 353731689933732867918532423341708278778,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 36
req-referer: https://apnews.com/
content-length: 21148
x-request-id: 3d9bdda0bc59e52ab5fdccf3405a2886
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kcgs7200042-IAD, cache-lax10658-LGB, cache-iad-kiad7000050-IAD, cache-hhn4063-HHN
last-modified: Sat, 10 Sep 2022 16:13:19 GMT
server: nginx
x-timer: S1669951115.820316,VS0,VE0
etag: "db903dc34239cdcd929289f9fe614d55"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 733, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1283532143__feL0z11S.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 07ee86697b15aff9107cf305ca9980df8c9bcf47b4989cd9a115ab6b3fcc8707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EPL/1283532143__feL0z11S.jpg
age: 306651
edge-cache-tag: 590749258823518116372391888247674630713,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 590749258823518116372391888247674630713,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 989
req-referer: https://eu.usatoday.com/videos/news/politics/2022/11/06/barack-obama-biden-stump-fetterman-shapiro-pennsylvania-rally/8287218001/
content-length: 21936
x-request-id: fbe36987de5fd17e8a2ec24b2e8f163d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kcgs7200105-IAD, cache-bur-kbur8200096-BUR, cache-iad-kcgs7200066-IAD, cache-hhn4063-HHN
last-modified: Fri, 25 Nov 2022 18:23:50 GMT
server: nginx
x-timer: S1669951115.820636,VS0,VE0
etag: "dd8a41c8bae665fb4922e493108c14d2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b24a810ed060227f63ec3f35e29b305.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 681552741ee7e0fbf46b78178b261f6bb053cac31e653ad5c9968a9c762a2b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7b24a810ed060227f63ec3f35e29b305.jpg
age: 3864697
edge-cache-tag: 458718344708137160398127445426693447895,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 458718344708137160398127445426693447895,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
req-referer: https://naviniigata.com/
content-length: 5982
x-request-id: 526a7a3c02c164396b0b99ef08540a4e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kcgs7200155-IAD, cache-bur-kbur8200023-BUR, cache-iad-kcgs7200095-IAD, cache-hhn4063-HHN
last-modified: Wed, 12 Oct 2022 03:25:46 GMT
server: nginx
x-timer: S1669951115.820625,VS0,VE0
etag: "9cdb6472cdb6dcdef477362870660c9c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 56, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d11e69527900526bfdd1a4a5fe8b92af.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 276ef237558b89c41c16ff51fe09551269ffe41f8bf49abdfa548b146b21655b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d11e69527900526bfdd1a4a5fe8b92af.jpg
age: 1437270
edge-cache-tag: 578770920740751671729734879316777692776,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578770920740751671729734879316777692776,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 1602
req-referer: https://programmerall.com/
content-length: 11686
x-request-id: 759036301e71d331dd620243d3d7042c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100088-IAD, cache-chi-kigq8000126-CHI, cache-iad-kiad7000087-IAD, cache-hhn4063-HHN
last-modified: Mon, 31 Oct 2022 20:56:46 GMT
server: nginx
x-timer: S1669951115.820606,VS0,VE0
etag: "f5c6ed1218c6cd341b22d7808e65b849"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 17, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/654cdfc5aa8fed97d4232e8a2dedc01f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14161be0203f67567da81017cb9f3e10ed4e581012a5137c023f70e0a37dd535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/654cdfc5aa8fed97d4232e8a2dedc01f.jpg
age: 2458607
edge-cache-tag: 627161162122358055162779345712489010522,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 627161162122358055162779345712489010522,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 119
expiration: expiry-date="Wed, 09 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tierce-magazine.com/
content-length: 8650
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kiad7000172-IAD, cache-lga21971-LGA, cache-iad-kjyo7100029-IAD, cache-hhn4063-HHN
last-modified: Sun, 09 Oct 2022 21:55:34 GMT
server: nginx
x-timer: S1669951115.820584,VS0,VE0
etag: "d4094b62362f2cf2eb8e8b89f18d2de6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 75, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2703c51668ad7ad95491deafbd0b7da5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f1654b6f99957a156765045a776c317ea66f4d572b7849689a9ade6b9f9a094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2703c51668ad7ad95491deafbd0b7da5.png
age: 524431
edge-cache-tag: 362171042209468751914751249677352257072,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 362171042209468751914751249677352257072,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1055
req-referer: https://ventidisport.it/
content-length: 12288
x-request-id: 1f4d2b5d2aac8208f39d939d9a68adf2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200088-IAD, cache-iad-kjyo7100037-IAD, cache-lga21931-LGA, cache-iad-kjyo7100028-IAD, cache-hhn4063-HHN
last-modified: Fri, 25 Nov 2022 23:21:43 GMT
server: nginx
x-timer: S1669951115.830818,VS0,VE0
etag: "63e5e51c0e7e4dd5992752cdb0503758"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_227%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf7dab29e527c13124d1a51acfb6c8022fdfda813bf78a44cdefcae43917eb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 02 Dec 2022 03:18:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_227%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
age: 2110845
edge-cache-tag: 450265650731705506805175281380931797211,629759284526009256732382151293881458785,29ecf9b93bbf306179626feeda1fab70
cache-tag: 450265650731705506805175281380931797211,629759284526009256732382151293881458785,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 203
expiration: expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.xxlmag.com/
content-length: 30636
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000153-IAD, cache-iad-kjyo7100054-IAD, cache-bur-kbur8200111-BUR, cache-iad-kiad7000149-IAD, cache-hhn4063-HHN
last-modified: Sat, 15 Oct 2022 02:23:59 GMT
server: nginx
x-timer: S1669951115.830723,VS0,VE0
etag: "ff8a09c016e9cd0378804fb12edeacb1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 219, 2

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 296ms
15ms Preflight
application/json 178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 432936
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 296ms
15ms Preflight
application/json 178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 03:18:34 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 494202
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 bulk Show response
trc.taboola.com/townsquaremediatsm-koel/log/3/ 0
291 B 16ms
16ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/townsquaremediatsm-koel/log/3/bulk?route=AM%3AAM%3AV&lti=cloudinary_test_beacon_var&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221127-12_b4-PR-50632-DEV-123103-investigate-the-affect-of-adding-another-ratio-to-couldinary-acc-3afbccf5bd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Fri, 02 Dec 2022 03:18:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn4063-HHN
server: nginx
x-timer: S1669951116.741043,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://koel.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
703 B 8ms
7ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 02 Dec 2022 03:18:35 GMT
via: 1.1 varnish
x-amz-request-id: QQBJB95DTC5C6ET8
age: 14313
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4063-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1669951116.789784,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 6
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 462

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/rest/carbon/api/nowplaying/playertype	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/rest/carbon/api/gallery	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/public/dist/chunks	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/internal-ad-api	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/styles/desktop	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/rest/high/api	1969-12-31 23:59:59	Name: gdpr-source Value: DE
koel.com/	1970-01-20 10:02:07	Name: abgroup Value: A
koel.com/	1970-01-20 07:52:32	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJGcmksIDAyIERlYyAyMDIyIDAzOjE4OjI4IEdNVCJ9
koel.com/	1970-01-20 08:35:43	Name: connect.sid Value: s%3AEuFGFfQDDOQo-lIOoEEtw0BOzJDByuTr.pWM%2FZCkT2YG6SLO40uLFJ9xT2528rssjlgRxgR24tDY
cdn.production.townsquareblogs.com/	1970-01-20 16:38:07	Name: aleph Value: a43bf3f5-a384-5bea-91ef-0c2229e56dcf
.koel.com/	1970-01-20 07:53:57	Name: _gid Value: GA1.2.1552451735.1669951109
.koel.com/	1970-01-20 07:52:31	Name: _gat_primary Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA191097531 Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA456704961 Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA288258043 Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA452600602 Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA18075695712 Value: 1
koel.com/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
.koel.com/	1970-01-20 07:52:31	Name: _gat_UA1150030077 Value: 1
koel.com/	1970-01-20 17:28:31	Name: aleph Value: a43bf3f5-a384-5bea-91ef-0c2229e56dcf
koel.com/	1970-01-20 17:28:31	Name: aleph-count Value: 1
.kargo.com/	1970-01-20 16:38:07	Name: ktcid Value: 789de021-e252-02c3-18a5-def6f0870415
.koel.com/	1970-01-20 17:28:31	Name: _ga_GGT2X929YG Value: GS1.1.1669951109.1.0.1669951109.60.0.0
.gumgum.com/	1970-01-20 16:38:07	Name: cs Value: true
.gumgum.com/	1970-01-20 08:35:43	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.rubiconproject.com/	1970-01-20 16:38:07	Name: khaos Value: LB5XRUWQ-H-4Y0L
.rubiconproject.com/	1970-01-20 16:38:07	Name: audit Value: 1\|naVuGyos1qrUW/3TNHA+pj5APvdogVCbaTd6KyMQnavCRi4Lg8bJK4VVOXK78BzfMLqZuPCjn9jgcRgjl6EitXZpcvlxac5A3OlDu/ORdD8=
.go.sonobi.com/	1970-01-20 07:52:31	Name: __uih Value: 1
.koel.com/	1970-01-20 17:14:07	Name: cmp-data Value: . . 14b1520d-aed2-47a1-b282-414e3ed999b2
.serverbid.com/	1970-01-20 08:14:07	Name: CONSUMABLEID Value: cce9e093a19340e8a9e093a193a0e884
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8A Value: s858\|Y4lui
koel.com/	1970-01-20 08:35:43	Name: _pbjs_userid_consent_data Value: 6683316680106290
.koel.com/	1970-01-20 12:11:43	Name: _pubcid Value: 48c9a403-8473-4485-8e8c-fb8224f8259c
.id5-sync.com/	1970-01-20 07:52:31	Name: cf Value:
.id5-sync.com/	1970-01-20 07:52:31	Name: cip Value:
.id5-sync.com/	1970-01-20 07:52:31	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:52:31	Name: car Value:
.id5-sync.com/	1970-01-20 07:52:31	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:52:31	Name: callback Value:
.adnxs.com/	1970-01-20 10:02:07	Name: uuid2 Value: 701414362275006164
.advertising.com/	1970-01-20 16:38:28	Name: A3 Value: d=AQABBIluiWMCEK_0SAuitL1rCxtYf4DCivIFEgEBAQHAimOTYwAAAAAA_eMAAA&S=AQAAAuhbbti82akjJCzd2wXb-l8
.yahoo.com/	1970-01-20 16:38:28	Name: A3 Value: d=AQABBIluiWMCEDl3cFMTFqDjefn8q1cHrHwFEgEBAQHAimOTYwAAAAAA_eMAAA&S=AQAAAvbm5G1dicDFJfC7vOpci9c
.casalemedia.com/	1970-01-20 10:02:07	Name: CMPS Value: 5174
.ads.pubmatic.com/	1970-01-20 07:53:57	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 16:38:07	Name: CMID Value: Y4luiSbzMqW6Vu4hNukvCgAA
.casalemedia.com/	1970-01-20 10:02:07	Name: CMPRO Value: 5177
.analytics.yahoo.com/	1970-01-20 16:38:07	Name: IDSYNC Value: 18z9~28m3
.pubmatic.com/	1970-01-20 10:02:07	Name: KADUSERCOOKIE Value: 220CBF35-2E8B-4960-BD57-56E253BFEDE6
.pubmatic.com/	1970-01-20 10:02:07	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:53:57	Name: pi Value: 156725:2
.pubmatic.com/	1970-01-20 10:02:07	Name: DPSync3 Value: 1671148800%3A201_197_219%7C1670025600%3A174
.pubmatic.com/	1970-01-20 10:02:07	Name: SyncRTB3 Value: 1671235200%3A35%7C1672531200%3A203%7C1671148800%3A220_21_161_56_54_251_13_7_3_8
koel.com/	1970-01-20 07:53:57	Name: usprivacy Value: 1---
.quantserve.com/	1970-01-20 17:22:45	Name: mc Value: 63896e8a-0fa85-0429d-1c352
.simpli.fi/	1970-01-20 16:39:33	Name: suid Value: D22DEA17278644C7860BF5818CA5ED2F
.mathtag.com/	1970-01-20 17:18:26	Name: uuid Value: 2a736389-6e8a-4d00-9477-ec38a71dfab0
.quantserve.com/	1970-01-20 10:02:07	Name: d Value: EI4BEgHbJ_ijC_vLEA
.rfihub.com/	1970-01-20 17:14:07	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjI3szAwMrW0MBDiM9QtrirOzooqTglJNDIDACMEPP4lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjI3szAwMrW0MBDiM9QtrirOzooqTglJNDIDACMEPP4lAAAA
.rfihub.com/	1970-01-20 17:14:07	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZpaWpoaGgChAAQWIhCEAAAAA
.adform.net/	1970-01-20 08:37:09	Name: C Value: 1
koel.com/	1970-01-20 08:35:43	Name: newsletter-overlay-notspam Value: completed-newsletter
.everesttech.net/	1970-01-20 16:38:07	Name: everest_g_v2 Value: g_surferid~Y4luigAASP55PgAe
.demdex.net/	1970-01-20 12:11:43	Name: demdex Value: 69070593865347406171265736598212308405
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8525\|Y4luj
.adfarm1.adition.com/	1970-01-20 10:02:07	Name: UserID1 Value: 7172385420552108171
.adform.net/	1970-01-20 09:18:55	Name: uid Value: 1522284163619371211
.koel.com/	1970-01-20 17:28:31	Name: _ga Value: GA1.2.891846839.1669951109
.doubleclick.net/	1970-01-20 17:14:07	Name: IDE Value: AHWqTUnoV5og7sF9WudhSWTWa_HBJHDKUV0ela_cmLY6BzNdoyv0YwhIK4FrxCQJuys
.onaudience.com/	1970-01-20 16:38:07	Name: cookie Value: c98493de0a843cf7
.onaudience.com/	1970-01-20 07:53:57	Name: done_redirects104 Value: 1
.turn.com/	1970-01-20 12:11:43	Name: uid Value: 2584608020424312419
.de17a.com/	1970-01-20 16:30:55	Name: guid Value: 1.8798324505300909231
.pubmatic.com/	1970-01-20 10:02:07	Name: KRTBCOOKIE_153 Value: 1923-DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL&KRTB&19420-DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL&KRTB&22979-DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL&KRTB&23403-DODeDgy23lYX44BWAubLBw7h31MX4oUED-GII0zL
.brand-display.com/	1970-01-20 17:28:31	Name: _knxq_ Value: 3c5ed155-988a-0b1c-75b8a696.1669951114.0.1669951114.1669951114
.bidr.io/	1970-01-20 17:21:01	Name: bito Value: AAEZrE7HEt0AAB9nYrBnyw
.bidr.io/	1970-01-20 17:21:01	Name: bitoIsSecure Value: ok
.dpm.demdex.net/	1970-01-20 12:11:43	Name: dpm Value: 69070593865347406171265736598212308405
.pubmatic.com/	1970-01-20 10:02:07	Name: KRTBCOOKIE_80 Value: 22987-CAESEJdBcErCzocUEvXKhCDig3Q&KRTB&16514-CAESEJdBcErCzocUEvXKhCDig3Q&KRTB&23025-CAESEJdBcErCzocUEvXKhCDig3Q&KRTB&23386-CAESEJdBcErCzocUEvXKhCDig3Q
.undertone.com/	1970-01-20 16:38:28	Name: UID_EXT_56 Value: y-yyc17IhE2uG14QiDa8n8epHRMgQHfms6cCkRyxk-~A
.pubmatic.com/	1970-01-20 10:02:07	Name: KRTBCOOKIE_27 Value: 16735-uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&KRTB&16736-uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&KRTB&23019-uid:2a736389-6e8a-4d00-9477-ec38a71dfab0&KRTB&23208-uid:2a736389-6e8a-4d00-9477-ec38a71dfab0
.pubmatic.com/	1970-01-20 08:35:43	Name: KRTBCOOKIE_1101 Value: 23040-7172385420552108171&KRTB&23369-7172385420552108171
.pubmatic.com/	1970-01-20 10:02:07	Name: KRTBCOOKIE_57 Value: 22776-701414362275006164&KRTB&23339-701414362275006164
.pubmatic.com/	1970-01-20 08:35:43	Name: KRTBCOOKIE_336 Value: 5844-8798324505300909231
.pubmatic.com/	1970-01-20 08:35:43	Name: PugT Value: 1669951114
.pubmatic.com/	1970-01-20 08:35:43	Name: KRTBCOOKIE_391 Value: 22924-1522284163619371211&KRTB&23263-1522284163619371211
.pubmatic.com/	1970-01-20 08:35:43	Name: SPugT Value: 1669951114
koel.com/	1970-01-20 07:52:34	Name: _lr_retry_request Value: true
koel.com/	1970-01-20 08:35:43	Name: _lr_env_src_ats Value: false
.undertone.com/	1970-01-20 16:38:28	Name: UID_EXT_57 Value: Y4luiSbzMqW6Vu4hNukvCgAAFDkAAAIB
koel.com/	1970-01-20 09:18:55	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-02T03%3A18%3A34%22%7D
.casalemedia.com/	1970-01-20 10:02:07	Name: CMTS Value: 5267
.amazon-adsystem.com/	1970-01-20 17:28:31	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:21	Name: ad-id Value: A4xhmEij4ERDuJK0ZiuQedo

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews Message: Access to XMLHttpRequest at 'https://js-sec.indexww.com/um/ixmatch.html' from origin 'https://koel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://js-sec.indexww.com/um/ixmatch.html Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c98493de0a843cf7/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://koel.com/ixp/726/p/did-you-know-squatters-can-claim-rights-to-your-property-in-iowa/?fr=operanews Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://koel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
assets.pinterest.com
b1sync.zemanta.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.adswizz.com
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dmp.brand-display.com
doi3unldljdx6.cloudfront.net.
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
funes.solutionshindsight.net
g2.gumgum.com
gu.dyntrk.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
js-sec.indexww.com
koel.com
krk.kargo.com
lexicon.33across.com
log.pinterest.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.smartadserver.com
sync.taboola.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vidstat.taboola.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
x.serverbid.com
api.rlcdn.com
js-sec.indexww.com
104.111.247.126
104.18.33.19
104.244.42.72
108.138.4.150
13.224.195.78
13.225.78.101
13.225.78.55
13.225.78.68
13.32.99.45
130.211.23.194
141.226.228.48
141.94.171.212
142.250.186.130
142.250.186.134
15.197.193.217
151.101.0.84
151.101.194.49
151.101.65.44
159.89.246.130
162.19.138.82
162.19.80.92
172.64.151.162
172.64.154.237
178.250.2.146
178.250.2.151
18.235.165.126
18.66.112.8
18.66.97.14
184.24.171.130
184.30.20.22
184.30.21.51
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.86.139.114
192.229.233.181
192.229.233.217
192.229.233.218
193.0.160.128
198.47.127.18
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.185
216.52.2.48
23.203.77.3
2600:1901:0:8344::
2600:9000:20eb:7a00:7:7419:8e80:21
2600:9000:21f3:3e00:4:b37b:9440:93a1
2600:9000:21f3:a200:1f:2473:9080:93a1
2600:9000:2240:8c00:11:1ed0:3900:21
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:ad1
2606:4700::6812:16ea
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::2010
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9b
2a02:2638:1::13
2a02:26f0:3400:1af::1931
2a02:fa8:8806:13::1460
2a02:fa8:8806:20::2010
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a05:d018:d29:3601:a6b1:a514:8d07:4a
3.124.118.151
3.126.56.137
34.107.148.139
34.111.151.213
34.120.133.55
34.91.62.186
34.95.69.49
34.95.81.168
35.227.252.103
35.244.159.8
37.157.3.28
37.252.171.149
37.252.171.85
46.51.133.171
51.75.86.98
52.28.133.153
52.30.42.211
52.46.151.131
52.51.35.58
54.171.40.8
54.77.113.16
54.77.35.234
64.202.112.191
66.155.71.150
67.220.224.144
69.166.1.10
69.166.1.15
69.173.144.165
72.251.245.179
76.223.111.18
85.114.159.118
88.221.168.201
02c7e6558782519c9832e443cfba0977a84539ae60065a6146752a2a78c15337
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
07ee86697b15aff9107cf305ca9980df8c9bcf47b4989cd9a115ab6b3fcc8707
0b7f4028dfd58ae991fc2424a328047d23059989e723d350acc909ad5a5e2937
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b99d65ed7b6ea7cd8c43c3f3b262ddbc96265915f5dfaac2bda46da135fd794
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
11b328c85e2cf2e266438ce5b962e619197153dded16f3d1c7806b3d072b0694
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
14161be0203f67567da81017cb9f3e10ed4e581012a5137c023f70e0a37dd535
161902d6e1d4e0d84d36834081de8084c12f706d7120833675d298a42c860959
16448684a959c3d49f6e67c1ae86b1345c604fbd31810b6b6536c36f31744393
1773d32781cc62f7ac90d17a33fee10b594aa8c109ed0cebc3adebcf6ffb7d87
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc
205a2e32a07486dcde7cc6621dafa9f8e1a1bfb0919dbbc536abdf9e934bf67b
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2400a505346e9b61167380025734f6bf80ad066668ea438a84da03ef8161f5be
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
255e1c0bec3598637ff1b039c315b16e8c34192e83adee4604c8b61e5ac68e20
26ece9652e9d7255bf0ce6a3b5b1f71ef986864bcbd1b342a2e30602f1c52a98
276ef237558b89c41c16ff51fe09551269ffe41f8bf49abdfa548b146b21655b
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c9b7cd82ee07b56c7468ea4da3fa3982e6a9d28281bb2fc4b9cef0daa79f4ee
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7fd74aa405ca648caf80afc860f38ffd61008968299ae26dcca92f18ebd9a2
2f8955359ff3e9fa630501f9f8e154f601de58c9ebe96d54444434981d5c08ea
2ff4ec6a9dee01d90069658c1ad42daf13d104f914c51ee2c04a1fdd3a1831d4
30ab8969b8cd25bc0114f434815ffaf8e5a1e11fb62c8f0a9f42058226a073fa
31e4f128d68318fa4bcff974582aa7cf4b5e3cc1c0630afab50e89ae68ab79bc
33917e9ee1a2b0b9d95c2c7117fb2af90e2cee7b023655b97462c42fab1c8765
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
366c6213f93ccbb7087d8707e94986645ea910e952c9bd01af08b0c065eec6d3
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
38fda28a30f7d024f23b5c93d491adbc7c6b715a4229b16c7fef4f2641432a07
3bd02c8355bf4681954e9557b2d412604dd918701e24c3c3d16c9ce4972015a9
3cde0e6c7b303b596f94f320da702a5ce121b3926845f9aa95c373d9e4ca97f0
3e26e70ff784c664a715f16183961bd3f8e656fa54d52f9c442e6717d32e62cf
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f6e348ef4c5dd1c2f7b512bf6332535a2426f656e6f2bf3b0e9cec1ced2599
4228ebf13a526790a7bac89a0c5fc85f1ec3765339920afcb1e9cd218b40fdb2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44274532a83345c06de44583f5601e4baafb0750b67961724ca659f19bda8526
4617781eb97ef79f8976ce2a4ab0e80e2c1d115cce1888759bf48e30538a9eb3
46631d1418fa936b91531d97a98775dc7a4a5f6929a19e347344f88838a598fc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e178410227f812d07f2941d8689e53121ac23494dfd4bf4b78da34122b81918
50a0cc4bc41221e19f542cda95e4fd5b267fb9a20bcfaed7a2774e387f453d7f
50e31b99331b83f38b8d4a3e14bc7ada19eff7b286d200dd6d2f770540243ef2
54384978327d97a1fec11b9946df8a1f06668f87c80e5170a22c9840bbdb0356
548e03f9f449866f5d168ad9f225aeefe574b474e1369698464d7787351282b1
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
566890c99dbf82bc4df8e134197fecf1710fc93c2ade3807c4428dc4402c7977
58151778538b39d1e5d4ed793dbc29393160231ddfedd97cca2e2498b6d887ba
58c4b6b5d478269b18ee94c5e0276774210f13472059e206f72bcf8c4c338df9
5a71ff6f30cce8d57e299e3e235289e89b6b9c3e42e49107f60d6b86b87ee798
608ba581582e849ea60c4caeecea89c16be52cd99937fc5982d27fea6d09629a
616cbc3794d1e26e4e14b30fde9e29a9ce227d103c136f4134cff45ae95badde
623e04d48a5730a68aad0409d00bffd06b4e6c98f0337e7b6c52aecbe4f2108d
629d62adfad8d2674fb6b83a8ba85e3d76dd9f0e63a7a51b5753d0ea223af396
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6641dc91345abe14a72612b6906e73db091a0da27e2fb386b4906d1f1ba53387
66844b002413460858cab194c471908cd87c322a0d40561f9ce1b71acdbd3489
66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a
681552741ee7e0fbf46b78178b261f6bb053cac31e653ad5c9968a9c762a2b6f
68dfff6e312e5308fae0b15086e291f3c913b583ad25aabb19041695a821ffb5
68f1933ce3818d2353839553c65df69d9cbd724ee13ad43c5026425f314f730a
6969686b1900f3ff1aab25321803efddfbaef84b9bf4bc6cece0c6f4a81054af
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc752ee47fd7f1d13554a460e5e9795c39a7f23064b5bae16abd7f988f5398b
6cd9e43af4d28a3a580252ebf05a90dd04fd978c17aaef981a7b4c33325e38b9
6d72aebb9afef5d817c7ec4880ce79980dfb7d0f410759a51e1df59cdeb6123e
6e65b563fbd71ffa5606364f064af6fb3c373e4b79043c8d786c0822d3c44e12
6f1654b6f99957a156765045a776c317ea66f4d572b7849689a9ade6b9f9a094
6fbca1af120ab91717f4ea8eb685f467af023b15f56378481b855427af5da08a
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
788c4d1663f471f4036b6ca8c132e7fccb78ef97d9b2b1d9ac909b1b6f3e6da4
7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d
7ac496ebee19f79453218fb5515599fe4c6ad62b18fd2f6fb190629d4f2787c1
7b8e7341e98e766035311162b83b9d0ce740423d983137026ac3acbba1864653
7bde3113f8658e6bbd885e9d878e294a9c1505079ba6275b9b18e97b2fb76e95
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d23b9f8234fa007e409b8f420b8684356872ba63696f32e63d1d2ca57ae3e51
7df6b898a5d46c311d54a0024ef925c880e0a70a2a2ff97b8e57d6075d78d5c0
7e0194519c661e2457b5eed727ddb9096a5b13778ba6c1a3813d97852ad8bcdf
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
82d1dbbb58405f4878b8121fbf5b20a3631d1f431599e69a25d8cecccacd9d10
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832b6051ae9594175b750d4997779a60f3857333a693191a8bc6f6dcd4bf803d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b7ec9eef5f799926205cadb7e452e021d1a636b5ac1b6f86b103d0170f9752
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
8699655a7eeb9694ed2476f0d14a0be2d2142af9f4b1a018dd15ff37df8da95a
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c69ffc59f4d5c40b8293d14d56c05d2c8c5779310a1d0cf9ffedfc0fd0aaa3d
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8eb7432036bcd0f946b6068d3cf8835e09ef6f33e4842c3bcf32170a6ae39ceb
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
912bf50a1e356c3fa8a11134decd3494524d83d7a3647e9d1e770cbbf7195d40
921ec1295b3c6f85612e77e4d4a1743d6b036d87fe2d0da28d754553e2ba5dac
92d8ecf50a6bd997acb54e1997479a043f57939a32ee821c96714917fb5edf64
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
97b5ddba15c220a34050cb7364343eccd8f777e367a7f82c70c0d0c757c65543
9a52d5b062fde5b41724c9cc612dca013c2b3c2b777a75a986105a36fcbfcc9d
9c0cf30588ce196f127f10208173078c9cc62a6efb8e22df2c60b56419b48e7e
9c794889eb1708f95cc1a9d7fe4cb5e2400493388bab7213f81322ebdff0dc48
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9caa9d1fdcc5c47c066a703069c6f8f5d3e6ebe93e0a7009ddf88d9dad24909c
9fdcb8bc3248e83f7ae7f498496d73dbbc2090c0b53641de78e24853ad99eb0f
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1a51477b290a60449cf98dbec908c5dbafcf9a9a1cd30303ef30a863f7f7579
a27d58e86077350d08caebfd00c40c9860441daca50c68689d6c7e9ab944c8bb
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299
a53cf2e7ad8cbf32cf59fbbd623afab55bf338172692eb750b2094c4d3636479
a6e0b2e4a05ac12fbe637a1fd60d56198bc68fe35fa123aa73ae4d66391d5c88
a87b2dc06e8eb6274176f0aa3b638fc2a57a6557f8bbf55ca2f3cd6c63014432
a8d824f62583481d15fd2558e9c98c7fdcf9e729c4f94fc75b198d3af1ed0f4c
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b244fe00dd8d7572335317677dc131f50d1681be332bcbca2c4844c4539a18ad
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4baaf56ea553456befd3e5c2e76948d05b59e4b9b5e5d9cc6f2421db575654d
b6d46331610533acd60153b27aaa675a37556d01336a58f4ba0e4aa8fac4813d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bfcda1422aa899411226679000458222f0828156bd66902fdaa8ce43bff0f739
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c15053c3c9c18a6b5a07a60d84ac4e23c1541b7e850b98559f654a7db0e6bf68
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773
c5fdab6ed996ced865743c7f428f1a3fb1ae494d551cd50cbd22cb4a3f612245
c6e5c945db43d0987ef6f5047bf051367a25b32267fa72419e54fc43a3f5b4ff
c9a106900cb07c24aa2cbec407adefaf904ae3e9ef780d1bbf8a839f1182dcb4
cd8b02ba51f42cc4124f9a30123bc6356dddb168b39b933b08429712a6571594
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7dab29e527c13124d1a51acfb6c8022fdfda813bf78a44cdefcae43917eb3c
d0689b2ea0ed0f1e9917015b8a55c75c69366ad7a1c354ee324e1ed692e82762
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2cad8d048730885b6947e9a7ef5322521342aa457a0b27b77c9d4be077e1432
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95
d695c72671d8c0db9ce22193623d1649af3a2b4077b8a5102bde5796a2408e39
d937b5d2e2c5ffb46e3d4453b85da75cfa1c698e52e9ae259864c0c5816fc5c7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da0392c604159f0bde97ecde7f2d7a309edc2c2063f650fbbc557e7f014225e5
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dc99a8df7b6ee1496ed732d875e0aee5ce128caded7686c8410e8b9d9368a821
dcdd82c645b04b2a2a97ac3f2d3398baca7e336a3228104325af43a17b9b8d97
de252210d3f104d098f0da4bffd392c2d9c0ec6fb9ef8b899e1641e695fa731d
df9a3a472d7d6edd4d1db22926b5b5130173bba1f50be5e7709abed1084581ae
e0f16cb9e16fb9cc23fb9be02dd29c5bf86a6db77920a098e82dfd3fbb2a4223
e139cf342874af7c8c190c22e2b75970be889db05e63a973970d74f11492f0f6
e1f520f35fa3cd5bbe582059aba561c5cafacbb8c6a42c0a60dc578a426f253d
e2d6e9c12d15d5f45b147313c6770a26c59c2b1bbf1a826c808bfc7f7f098c91
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cdff91df1de14d267e28a2fb8a07e80fc51e2a1f17624601b305d3e8a9b7ac
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e58660e0ee36f712364a983e796bdd86418b73ff6a7a61b6e9b64401eaff2bc1
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
eae40f31c3c6bdd9a23335b27d0266acdb2b9b3e60c20dc030526bd49f4aefb9
eb132cb9077cdc99ef30312a2946e6131ee5372c680f76a6a7c1e9513b77bb53
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed8c4b630b6e0ccf63c9efe8196887b9b9a9d044fa9aa665ff476d551203ba26
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f3dbaec4ba50a235f08e2c02c88b6a42a9e144e943b4063d35d0304c9b081f6b
f4c8a83f4ab8a70efeab8829002047911d2c9b1269216b284de3f0e9235dd2b1
f50beb7c3a025c1584c893b13e0a4ce1027a376b5866b767ec8a9c27325b434c
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f56ebaae33f61e7c6d00ed2f594b56af2a9f813e4c8e0062ac9c711392bf855a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb2465729d377e4a5d328133a6def6138fc29a437e10a6d1d6ed54c14f95c932

koel.com Open in urlscan Pro 192.229.233.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

517 Requests

81 %HTTPS

32 %IPv6

78 Domains

131 Subdomains

100 IPs

12 Countries

5152 kBTransfer

13139 kBSize

95 Cookies

22 Outgoing links

Redirected requests

517 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

koel.com Open in urlscan Pro
192.229.233.217 Public Scan

Screenshot
Live screenshot

Full Image

517
Requests

81 %
HTTPS

32 %
IPv6

78
Domains

131
Subdomains

100
IPs

12
Countries

5152 kB
Transfer

13139 kB
Size

95
Cookies

517 HTTP transactions
1 data transactions