Submitted URL: http://pixeldrain.com/u/DYhuEsXr
Effective URL: https://pixeldrain.com/u/DYhuEsXr
Submission: On March 04 via manual from GB — Scanned from GB

Summary

This website contacted 38 IPs in 4 countries across 25 domains to perform 323 HTTP transactions. The main IP is 2607:9280:a::77, located in United States and belongs to JCOLO, US. The main domain is pixeldrain.com. The Cisco Umbrella rank of the primary domain is 554126.
TLS certificate: Issued by R3 on January 3rd 2022. Valid for: 3 months.
This is the only time pixeldrain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2607:9280:a::77 395502 (JCOLO)
2 2a01:4f8:c17:... 24940 (HETZNER-AS)
4 18.211.226.152 14618 (AMAZON-AES)
2 19 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
16 13.32.121.53 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.234.151.247 14618 (AMAZON-AES)
1 2.18.233.180 16625 (AKAMAI-AS)
3 23.20.158.212 14618 (AMAZON-AES)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
30 37.252.172.38 29990 (ASN-APPNEX)
14 37.157.2.236 198622 (ADFORM)
14 178.250.0.165 44788 (ASN-CRITE...)
22 96.46.186.59 7979 (SERVERS-COM)
22 34.98.64.218 15169 (GOOGLE)
14 185.86.138.121 201081 (SMARTADSE...)
13 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
28 37.252.172.36 29990 (ASN-APPNEX)
8 151.101.65.108 54113 (FASTLY)
6 2.18.232.130 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
2 34.95.69.49 15169 (GOOGLE)
15 2a02:2638:1::3 44788 (ASN-CRITE...)
8 16 2a02:2638:1::13 44788 (ASN-CRITE...)
8 178.250.0.157 44788 (ASN-CRITE...)
8 151.101.1.108 54113 (FASTLY)
323 38
Apex Domain
Subdomains
Transfer
74 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8051
cdn.adnxs.com — Cisco Umbrella Rank: 1232
acdn.adnxs.com — Cisco Umbrella Rank: 523
463 KB
38 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
56 KB
32 googlesyndication.com
a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com
145 KB
22 openx.net
adpone-d.openx.net — Cisco Umbrella Rank: 18192
u.openx.net — Cisco Umbrella Rank: 621
2 KB
22 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1509
5 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
619 KB
16 kloperd.com
kloperd.com — Cisco Umbrella Rank: 344337
50 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
470 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 21124
2 MB
14 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
5 KB
14 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
7 KB
9 pixeldrain.com
pixeldrain.com — Cisco Umbrella Rank: 554126
stats.pixeldrain.com
280 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
3 KB
7 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3298
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2477
536 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 13440
reporting.powerad.ai — Cisco Umbrella Rank: 14662
44 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
111 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
3 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 12751
180 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1247
15 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
36 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 419
58 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
39 KB
323 25
Domain Requested by
30 ib.adnxs.com hb.adpone.com
acdn.adnxs.com
28 fra1-ib.adnxs.com pixeldrain.com
hb.adpone.com
cdn.adnxs.com
acdn.adnxs-simple.com
22 ads.betweendigital.com hb.adpone.com
19 securepubads.g.doubleclick.net 2 redirects pixeldrain.com
securepubads.g.doubleclick.net
www.googletagservices.com
kloperd.com
16 gum.criteo.com 8 redirects static.criteo.net
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
pixeldrain.com
tpc.googlesyndication.com
kloperd.com
16 kloperd.com pixeldrain.com
kloperd.com
15 static.criteo.net hb.adpone.com
static.criteo.net
15 hb.adpone.com kloperd.com
14 prg.smartadserver.com hb.adpone.com
14 adpone-d.openx.net hb.adpone.com
14 bidder.criteo.com hb.adpone.com
14 adx.adform.net hb.adpone.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
pixeldrain.com
tpc.googlesyndication.com
8 u.openx.net hb.adpone.com
8 acdn.adnxs.com hb.adpone.com
8 mug.criteo.com pixeldrain.com
8 cdn.adnxs.com hb.adpone.com
7 pixeldrain.com 1 redirects pixeldrain.com
6 crcdn01.adnxs-simple.com hb.adpone.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 www.google.com pixeldrain.com
tpc.googlesyndication.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 powerad.ai pixeldrain.com
powerad.ai
3 hb.brainlyads.com powerad.ai
pixeldrain.com
2 i.clean.gg acdn.adnxs-simple.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 reporting.powerad.ai powerad.ai
2 stats.pixeldrain.com pixeldrain.com
stats.pixeldrain.com
1 1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 acdn.adnxs-simple.com hb.adpone.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagmanager.com powerad.ai
1 ads.pubmatic.com pixeldrain.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
323 39

This site contains links to these domains. Also see Links.

Domain
helpukrainewin.org
Subject Issuer Validity Valid
pixeldrain.com
R3
2022-01-03 -
2022-04-03
3 months crt.sh
monitor.scylla.pixeldrain.com
R3
2022-02-19 -
2022-05-20
3 months crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2
2021-08-13 -
2022-09-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.de
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
kloperd.com
Amazon
2021-06-30 -
2022-07-29
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2
2021-11-25 -
2022-12-27
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
i.clean.gg
GTS CA 1D4
2022-02-14 -
2022-05-15
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh

This page contains 70 frames:

Primary Page: https://pixeldrain.com/u/DYhuEsXr
Frame ID: 2469CC9FB3C2D2DB8925720DCFBB1213
Requests: 24 HTTP requests in this frame

Frame: https://a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB8C4DF709FE313A2D268044A189617C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQA5Z4225_Oywg031FVmpnlirMmyI-NQtQFDbQVIZJpR4upSbvixWeawL5ncHxIwY6qDrMwVHBLQ0uevCtS13kfTxVH8IDa4Q4AAQpiRRwcAZyhVWMBNIkC6on_f5bgb2eSqM-Xhb-7yf7kVrzlh0Cq_2_GZnVOu3xPuzdnC6q4rTbyq5YvyihkfiUMSrB1VnO7Mii2MBHFDhJIVNPOOmZ5WGe2eoloR_Wc3SNRZcYgFMMSfC11QpFzY5T5bEmf2kYO4nIkuSAUf1AVEXTwA0PZV3mFAvDf7gVv_WEfB3d_s4AjvUBJhsTJtQMsMzRT0Eevs4FCGBUmXCLqqVYmD4i1Q&sai=AMfl-YR0RsdiuoXNq5LBmbtBQ4Ilp7c7HIiCV4zw8h7B0U_BqVK3B76_xxiNWbrHbaHsSWE0pBDlwzwdelsHn-dDYYD4B6Y0zX8s4o7EJeTd9DgTMG55Dt0U37822plkhlCz&sig=Cg0ArKJSzM8rO-8S-5RAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 996EA4CA111EF49D9868FBA71D26BB75
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: D4D3237A1506D7D2BF523A6D9BE9CDED
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 7196CBF9A5BBD9713A3EA3FAAEB091BA
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 6608A0C39454CDD979BFD6EF183ADE12
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 88452D0576ED4CBFBB36163300FD61DA
Requests: 9 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=ruuijhyqan&e=1959133272352
Frame ID: AAB2750EBE250E6EAC40BA165576291D
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=nul&e=1959133272352
Frame ID: 0AC02DAF32D300204679170B753262D6
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=wiwarbj&e=1959133272352
Frame ID: 99B996BDFC272C9C83768423F2F86F5E
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=dqcajjjmku&e=1959133272352
Frame ID: 9E265715560262D38BFD03EEE21F6780
Requests: 8 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=ylzmyhrz&e=1959133272352
Frame ID: 841C65FC4C72F5FBF3E32EECA5263B8F
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=htodwi&e=1959133272352
Frame ID: 92363D70A440C52C6F2F47C32550AE09
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Frame ID: C2EAABCFBA296E3BA21B3AC278A564C0
Requests: 9 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=ecuvtcu&e=1959133272352
Frame ID: EEEC99BE15682F13CE5D6D767AAC0BE3
Requests: 8 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=rlgfure&e=1959133272352
Frame ID: C5EF7550124ECCA0BF357817FF996017
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=nkpmabwdq&e=1959133272352
Frame ID: 2C9424E79FD3A0826685F31578B67043
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=pfmaontg&e=1959133272352
Frame ID: 9AA011D306D333EE5E1C3BFFEACCC089
Requests: 8 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=xorgpkthn&e=1959133272352
Frame ID: 8EC01D316CAA46FE8E97131CB5AE8DDC
Requests: 8 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=faaioergch&e=1959133272352
Frame ID: A8E6549640A93E1F749E07B491CFEC06
Requests: 8 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=kquythk&e=1959133272352
Frame ID: 6375088C534507AD30BC9B63DD9EAB1F
Requests: 8 HTTP requests in this frame

Frame: https://124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: D8C9E00CC1AEBD4C38514D60C70E423C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022202072236000/amp4ads-v0.mjs
Frame ID: BFFFF47C83C04E206D924EE1150138F1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88BF56E3856727D1743B3A80F917645F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B86486E3C4950D00F45A3F549D8E29FA
Requests: 2 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGELSQ45-Hj43YeBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiz2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHs9gF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=a4927f497d3b0ba74d93de477ffbe14dde4a5539&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnul%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnul%26e%3D1959133272352&
Frame ID: 6CCBF42DA1914AA93CCB6690D8B98809
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D1B88E0F88BBBE354FB28E43FF36D151
Requests: 13 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Frame ID: 9D6B27E05CE8EBA448D7E51213D30D5F
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Frame ID: 2A42C7613579B74F4EC406C920CCE3F4
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Frame ID: 8380F7A77837D37BB60B7C93CD14134F
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: ED0E0956CA5B8B0FC115BAEF154FFC0A
Requests: 7 HTTP requests in this frame

Frame: https://1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 7B761E9D83A1C80F907CEB6D5757568D
Requests: 1 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Frame ID: 836F7E9641438AF9A7E9E0CF10973C1F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1BDC310F233D451E246EE84E17B44DDD
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 717CADB41345D233EDA1EDF211BA5C19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 87304C3716033D53511BDCC4B6D113C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A6718BE8C7A9FA8AFC372EE23F448E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58B31EB37B237A4689C9FB2405FF395F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 24344DDF4D729BA40E22C262C644BD03
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 8E75CAF45E1FD16DA1C3D09BC01B1442
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 0356D8B4F05E6EA6EE3FDB24728447F5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 08E73624A97E75E61AE2E4773D58D441
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: F5003A0283EBCC306BB4F9889FAA2C84
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: C3ABC4B14E7452F46456658507E9EFE4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 8B8FDB5F29E5579F441C9F1B1E73D4F7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Frame ID: 90A767C4E78D963A5F1BAE55F96C8D82
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: DF357F7D806AD1A931A740CE28C208B6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5D0080A51BF765FBEDE8B6606B955C6A
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 01BB54CF8C24AE7F7C000F7B12B9B565
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 88DA5856E8E10C58B80F3A59E6258E45
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4572B511E4B69873839620F2A5C6D8DA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E3537D1BFDB66F059BBBA8E7C6FBE7D1
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6AB16A30712D94B177C107F03639459B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 838DCDFF047201B3141A8CADA12C5B4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B08F03533D01C963C6275673214AD86F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6BBDD465924E048615051970771F6AAA
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 8E791AD81FB37BA089725A05DD764B21
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6FF4D01A39FCBECAA17AEA6F0F3DCFF4
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 53F25EE897D5988D59A356260B2B098D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D9914B1FC2A8DCA7638A28AA1A7C1936
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: AE2C938D2666BA9AF6288371F18F2D1B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A1AB525B975BB6A4FDB30E9C53B585B6
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: E90D86CE5DDD8A3F40A59BA9BBB32DC6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D8F7DB6DD46CEB93507E7730894EB4C
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 338850ED33413C8D62BEDB7DFD3AE0EF
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 55034DA0A7F3419AA2B55F74678AEEC6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC0D1743BBF182B4224C04AA29747304
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: F174461948506814B80D784811FD0BF5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8C0AEC4939899B86FB3E5063D02F83FD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F815EF878CC7F92CF1B54B2D5402F3E3
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Prv5445.jpg ~ pixeldrain

Page URL History Show full URLs

  1. http://pixeldrain.com/u/DYhuEsXr HTTP 301
    https://pixeldrain.com/u/DYhuEsXr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

323
Requests

97 %
HTTPS

49 %
IPv6

25
Domains

39
Subdomains

38
IPs

4
Countries

4791 kB
Transfer

14242 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pixeldrain.com/u/DYhuEsXr HTTP 301
    https://pixeldrain.com/u/DYhuEsXr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=750280252 HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 221
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=1281320897 HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 277
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jS5WNnxWUlRqcXRabnNKMVFGTDYrK1RBWWhwV1pRZDBuZnFBY0VwZ1dQZlgzd0RyVHFLekVucUFEYy9EYXpmWURtcnZpKys0dlI0YUloVkVScWM0OVYrNlB3VDdzMkpsWndZNlNnNlhJTm13YW5sZmFrTmZHcGUyQy85ZzRydVorT2dTZEVDa1pGcDVwRmhMUlhkSlpDdFlBc083ZnBBbllRbk5vUnk5OUMvQjM3RkNUUEltL0lsbFQ2eWZUK3NKV0dKdU5XS0dWUG1iMUZDZVdabTROVDRmcER5a0pTekV3RDk2VndvQzJ3UnM5YWxkc09MVHp2RDFDcW1ZczFWZjcrQlVHZXBrQkJ0SHR2YS9ZdlZrVWxWZXdyZz09fA&cppv=2
Request Chain 278
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=m5qfUnwvOEJoOVZJNUJQTWlrR25mcnVNdVJTOFZreklhc0tFTUtmV0tNZXA3Z1FYRWR4N3VTTU95Smo0YlRlMEI0Nk9HZnpKMFBiN1BYMmh2elhLUURQSE9VRS9zbTh4WmgvQmx3bHltTTV0MjY4Qk4rK1ROcEFjNUhKSGhXQ1kwaTZuQXo0cndqQUt4a3NmQWl1UDNkZTBPSGhHVERjWlNYV1J4cFlVdU5EVzhwTlVzbHU5Y0l6V3NCeWVpU3FwTlBFa1M2V3pnMmh0Q3BubHRlcWhFR1FJZDdpMjVFU3MyQkNoZzBrNWp3c0lPU3dQKzQvSUpSMERLSUlMT1NaN0EwM2t6aXRNY0MzR0VCWUtGVC9jbWZmSld2cHhJakFVU1FoMHpScXRnZUtRMW9scz18&cppv=2
Request Chain 279
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=fXc70HxGMlVOZDEvc2k3cE5SVHZiV2EzWnRIM21wQ0x0dk9MYzdZMnZMUHJJNEFqL3liZEVFWk10NTBJYzV5WHp2L2U5TXVCNlA0ejlBb2NkWGI1Wmd2cXNINWdRdU5laGYrb2ZIbTdnN0R0OVdPTHE4Z2JyYmxzd0VxWnMxWFJFU0srenJJT3ZiNWVXb2xBRmROOXhzN1dKeGdCNmFzckVzcndSSHJNbVMzYTNZNlRza250Ri9FQmVPOWRMZ1FjK2xhcHJiQ2xzMzlzVHczMFlnM2I0eTJsd2Rud0xTQnUwSkNwcW9TYXJ6cnhTeGNNSVVwNUNHTVBCMUFPaDdpZElGcDZLOE5ZRXBqS0QrUUhUWCtUdnpqaEp1RHYyZzB0MExNWjBGQi93aGJtWU96VT18&cppv=2
Request Chain 280
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=XpAzSHx5RGhGQ3R4WFg0R2NhVW1mSW01djYrcWZ3TkVCSmRjS1BQYnlIMXkwTEg4elhRTUVwbFAwOThaMFg3dm1wNit6TC8zOU84K2w3cXczaXloQVJJaWVXcWZmVThYN01SeVE4c1l1STJ5ekRxTTV1U0huZDZtbXVMd0dqaElKREtFdGVpQm81bDVjU3hNdjAwZ09aRTJUaUpwaGtSaXRmV2hXL2o1S3B3M3NRTkZMZjBQWTJsL2NLV1lZTzM5R3p3VERLRFluYUpZRSs2VnBkVkFOZU1ValVEVGtmZ0htRmUyblEvL1RBSFVudVd4S0xzaXF3amY5cVZHaVlFbFROR1VSMkdCUE9Ec3RzbXlQV1l3ODc0ck9Udz09fA&cppv=2
Request Chain 281
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9Zf0lHw3djUzYkNHV3lFTkliNExERFR0bnhUZDM2VndaVGlyTEFXT2VJQVdJZy9rTkcwbXA0WGtaN3Z6T0s2b2trYXNQYUQvbGpUbnZ5cmRrTXA1Zi9KK3BkM3hFRWxrblVTazg3dnErK1hnRWlhTWlqV25nZU5HWURHbHMxdERXWkVuY3BuZ2FQWkl5ZkxIM3NiK3lrOWFOTXE5dHNnTjFLZ1FhYXBMdE8rWkdMY2lmemprOTdRUTBuWldFV25KZDk5QXZmWnRaT2FSL0VwbVFETiszaEpYZXEwY3BMM0xrQnVXcnlIczdhbWIycTA2dktzUjU0a3RaZE9pZ0dYK3pnalJiakhnMjFFTVhvL245WW9XbkwvTW5JZz09fA&cppv=2
Request Chain 282
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DC7cpXxHSk1OQ09BQzJoanA2ZUlKVFRmWkdJQjZKVVBuSFlYWmIyRlVHYmZITlREc3FWbjlkd3VVOWdkbHdXT3pON1NHTjJ3UFV2ZWZlbnZEVWlRT2VLZlBGV3RrWHU4d09xOFlFem9FWGJFTnVBVEZSMmFteHRDM1pvMXlzS25nanVabUdIR3g3bEFmWUQ3ZG9ZNTBKdWVvSHY2Nm45QjJpblZxUmZJd1FrMVBrODlpOC9qM01obmgvYUlpV2tha0xuNkpJZGtsMkJlSEx4blpDelI5cS9kME1yMWdQbkd2N2dzN3RJQUZWMSt0VktSNHF1TmtKc1psaVlDdkpjZlM3R2xEYVdibFBWdXd0SlRCZURxb0lkNkpZZz09fA&cppv=2
Request Chain 283
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=UWSgenxRRzdPcEdwblR5OHFEb2NyK1laa3lScHJGNHpZazRNZ05FODZvQWpjOVVUNzQ1Qk5IV3pJbnloQlRFTnZmU0U0TDZhWjNhUjBTbVFaNGtIeEVlRGZYdWV0Y2NDOXRFa0pzSGN5NVJKVUxyTGh4eGxjdy9rbjA2ZkxPRE5sVWN5S0hnT3labEw0RFlFTmRtYUoyMkQ3dW1kaWJvREtzTytlaVBuTUo3d056eVI2ZEpYbDgyaEs2eEJxZmphUy9TTWxzS3ZWWW5JODN1M1dsNGRoRjRrbFZ5R0xxbEErSURNSTVOYzRjTzh1VmNBR05QR0ppM0tiTCtQdm50RnRTTUlWQzA5SVAvYmlFQWpuVXNJcm5RSGw5QT09fA&cppv=2
Request Chain 285
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=D39CRnxMU3lFbTR5N2FCWERWcVNvOGxoZXVib2paMy8ybGtUb2w3ZXEzVXJDdGlTeUNtQ1dXSk1NYktVc0gwc2oreDNNOVk0RllBbWsvYzJjQTFXVW44Q1BlMXFaZE9waXdYM01ESzc5UndQcFVuV1VPTDBrbzdqTDRhMVZ2VG1XaXJ2SGo3cHpOcFpUME5vRncwblVWR2VzcWRVZDRLL3FRa2x5VVNSQnpyQW16bjFiTGRhREdlV2xleVBhRTRYQ0FnTHlsY01RdnhWU09ZK2VSWUNMYVVqMzdMVWZoM3ZGMGN1amwrdWZJR29TR3ZqQ1dWN2Z6V2lWbHVIQ3FXS1JPRjN3VlNqN2pvbDg1cXNMaEMwNkV6d0hJQT09fA&cppv=2

323 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DYhuEsXr
pixeldrain.com/u/
Redirect Chain
  • http://pixeldrain.com/u/DYhuEsXr
  • https://pixeldrain.com/u/DYhuEsXr
28 KB
11 KB
Document
General
Full URL
https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
247f547b84b3238d252fa436f6ed400c2031de1c7e4c351a3c16a364d021ac6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 04 Mar 2022 16:00:34 GMT
Content-Type
text/html; charset=utf-8
Connection
close
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 04 Mar 2022 16:00:33 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://pixeldrain.com/u/DYhuEsXr
file_viewer.css
pixeldrain.com/res/svelte/
13 KB
3 KB
Stylesheet
General
Full URL
https://pixeldrain.com/res/svelte/file_viewer.css?v457331
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5e6aaf735e736a6f85855555407bde52592f8d1134581bbe63a55f9512fb4bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/u/DYhuEsXr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Mar 2022 11:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
file_viewer.js
pixeldrain.com/res/svelte/
336 KB
108 KB
Script
General
Full URL
https://pixeldrain.com/res/svelte/file_viewer.js?v457331
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d3263a72c95acef8223239f888c003f61025ef722812fc918f867300b6a39fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/u/DYhuEsXr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Mar 2022 11:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
plausible.js
stats.pixeldrain.com/js/
1 KB
2 KB
Script
General
Full URL
https://stats.pixeldrain.com/js/plausible.js
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:9c30::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:34 GMT
x-content-type-options
nosniff
Server
nginx/1.18.0 (Ubuntu)
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
1332
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270c914b2603b8addb74b2b3a8cf09afaa48abfaa15dca9dd65cfea7e60b2e3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
MaterialIcons-Regular.ttf
pixeldrain.com/res/misc/
320 KB
156 KB
Font
General
Full URL
https://pixeldrain.com/res/misc/MaterialIcons-Regular.ttf
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8731aabbb1cdd629d3edb80802afd792a25be3b71a85bae78e33ee0e3602c8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pixeldrain.com/u/DYhuEsXr
Origin
https://pixeldrain.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 17:42:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000
Content-Type
font/ttf
Cache-Control
public, max-age=31536000
Connection
close
script.js
powerad.ai/
192 KB
42 KB
Script
General
Full URL
https://powerad.ai/script.js
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/res/svelte/file_viewer.js?v457331
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e58f046523e0ae8d52a6bf9f2482ba90eaceae148ce41ff5e5ee04bac34c834f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 19:13:14 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2fefc-17f46e6a139"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-credentials
true
access-control-allow-headers
*
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/res/svelte/file_viewer.js?v457331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1f92187e32fb9f75906b68ad3056f8fa8047e6009efa53c0505de1142a3be5b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28019
x-xss-protection
0
server
sffe
etag
"1149 / 652 of 1000 / last-modified: 1646408660"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 04 Mar 2022 16:00:35 GMT
view
pixeldrain.com/api/file/DYhuEsXr/
90 B
298 B
Fetch
General
Full URL
https://pixeldrain.com/api/file/DYhuEsXr/view
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/res/svelte/file_viewer.js?v457331
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9be10f7bc5150b1e55202ef0d06db7527f26a567a673328f601101019a44b028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pixeldrain.com/u/DYhuEsXr
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 04 Mar 2022 16:00:36 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
90
Strict-Transport-Security
max-age=31536000
Content-Type
application/json
DYhuEsXr
pixeldrain.com/api/file/
688 KB
0
Image
General
Full URL
https://pixeldrain.com/api/file/DYhuEsXr
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:9280:a::77 , United States, ASN395502 (JCOLO, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/u/DYhuEsXr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:36 GMT
Last-Modified
Thu, 03 Mar 2022 20:53:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Content-Disposition
inline; filename="Prv5445.jpg"
Cache-Control
public, max-age=31536000
Content-Security-Policy
default-src 'none'; script-src 'none'; img-src 'self'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1680501
event
stats.pixeldrain.com/api/
2 B
372 B
XHR
General
Full URL
https://stats.pixeldrain.com/api/event
Requested by
Host: stats.pixeldrain.com
URL: https://stats.pixeldrain.com/js/plausible.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c17:9c30::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://pixeldrain.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2
x-request-id
Ftk41ykuElpJ1kQEQliB
pubads_impl_2022030101.js
securepubads.g.doubleclick.net/gpt/
365 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 11:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124868
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 09:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Mar 2023 11:10:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
118 B
119 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pixeldrain.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3a15a8f2123223dfd3f94cdfd1993f124e325744e4366b3663ffda251a19a846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Fri, 04 Mar 2022 16:00:35 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pixeldrain.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pixeldrain.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
19 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=113280858095687&correlator=449312207258417&eid=31065452%2C31065497%2C31065504&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=21673142571%2C299__pixeldrain.com__default__160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie_enabled=1&abxe=1&dt=1646409635738&lmt=1646409635&dlt=1646409634135&idt=1580&biw=1600&bih=1200&oid=2&adxs=1472&adys=157&ucis=1&adks=3672245420&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fpixeldrain.com%2Fu%2FDYhuEsXr&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x994&msz=160x-1&ga_vid=1819317573.1646409636&ga_sid=1646409636&ga_hid=40863377&ga_fc=false&fws=4&ohw=160&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
af15909a1c20bf06de4468042e4efd3a0955cb45cf314a2d01b67e443251e01a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8941
x-xss-protection
0
google-lineitem-id
5819288379
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368815746
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pixeldrain.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB8C
6 KB
4 KB
Document
General
Full URL
https://a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 04 Mar 2022 16:00:35 GMT
expires
Sat, 04 Mar 2023 16:00:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 996E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQA5Z4225_Oywg031FVmpnlirMmyI-NQtQFDbQVIZJpR4upSbvixWeawL5ncHxIwY6qDrMwVHBLQ0uevCtS13kfTxVH8IDa4Q4AAQpiRRwcAZyhVWMBNIkC6on_f5bgb2eSqM-Xhb-7yf7kVrzlh0Cq_2_GZnVOu3xPuzdnC6q4rTbyq5YvyihkfiUMSrB1VnO7Mii2MBHFDhJIVNPOOmZ5WGe2eoloR_Wc3SNRZcYgFMMSfC11QpFzY5T5bEmf2kYO4nIkuSAUf1AVEXTwA0PZV3mFAvDf7gVv_WEfB3d_s4AjvUBJhsTJtQMsMzRT0Eevs4FCGBUmXCLqqVYmD4i1Q&sai=AMfl-YR0RsdiuoXNq5LBmbtBQ4Ilp7c7HIiCV4zw8h7B0U_BqVK3B76_xxiNWbrHbaHsSWE0pBDlwzwdelsHn-dDYYD4B6Y0zX8s4o7EJeTd9DgTMG55Dt0U37822plkhlCz&sig=Cg0ArKJSzM8rO-8S-5RAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 04 Mar 2022 16:00:35 GMT
t.js
kloperd.com/ Frame 996E
40 KB
11 KB
Script
General
Full URL
https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c51f742fbd4b6cd9947ba6ae6a26c9a2113680331d28bd3bce6b17be28af262

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
XSufoh5.wp0UJCJaboDmRcMrASrXb4Pd
content-encoding
br
last-modified
Thu, 03 Mar 2022 12:10:48 GMT
server
AmazonS3
age
13550
etag
W/"83485fe4faa8ab679bd4ab1783a23760"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
date
Fri, 04 Mar 2022 12:14:45 GMT
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
b-mFAyWv_LTmcfwms-Zy3T3PksRHbi3tMy4xFhW7W-zGJdy1_-x6Wg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 996E
124 KB
39 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38860
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646224922100600"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 16:00:35 GMT
uqutdxo4sucg5yf9yxm9g.json
kloperd.com/c/ Frame 996E
1 KB
2 KB
Fetch
General
Full URL
https://kloperd.com/c/uqutdxo4sucg5yf9yxm9g.json
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebc719d137039efddc8eb07f415745630bebdfa8fccd7a8ab9c808b5bb0dbf21

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
4N1dzlTvB5htfPf_5AOuWpILehpKAWv6
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
last-modified
Fri, 04 Feb 2022 21:25:52 GMT
server
AmazonS3
age
31689
etag
"45d649cf3a59440b3695f9fab5411a17"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
date
Fri, 04 Mar 2022 07:20:12 GMT
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
1162
x-amz-cf-id
DqswsVD08YvTm31vytsRTJCjGKjUKTHIC4urwPHuSRCvjtUX-Z_IZA==
/
reporting.powerad.ai/
2 B
272 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pixeldrain.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
214 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/
2 B
214 B
Fetch
General
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame D4D3
178 KB
58 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 19:14:10 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-2c888-5cfd3192c4545"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=65765
accept-ranges
bytes
content-type
text/javascript
content-length
58379
expires
Sat, 05 Mar 2022 10:16:41 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame 7196
36 KB
11 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c229749111c7b3184582dec8e7b1b84aa82a19d5081a2dbdadbbfb1303932ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 17:28:55 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"621fa957-913a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sun, 06 Mar 2022 16:00:36 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 6608
42 KB
13 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
17d1f6e9e4470597099bd98343f2785f1d8b8aeb2fac3a5fb8178c646033a0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 12:25:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"620b9baf-a810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sun, 06 Mar 2022 16:00:36 GMT
/
powerad.ai/pubPls/
2 KB
1 KB
XHR
General
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fpixeldrain.com%2Fu%2FDYhuEsXr
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
f1aa80d51e33a53374622d22c5e1d9fd1ee0633e7987624f3f1fb0a451351202

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"8fa-pAHxrhRMGb1g2EHZNivlKxqL1t8"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pixeldrain.com
access-control-allow-credentials
true
access-control-allow-headers
*
truncated
/ Frame 996E
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a66e72f32fc5f22b4b88ce9aeaaf1243525649052026d2ff53d55ce05d6b15d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 996E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZUd1NX2c35mzSalm4u_Fobu_LHrSdlCS2Dwk-bf5JP__Yvgs4WiDIeRlcrcbgZevaybeHxhwTZ2jIua6kZiWddxvSVMIVwE_GBJE_Tourp7s4jW9jCO0vg9QfunUYpjNFnXyiaXYQOQwIWTU665gnB12LmbdRdnm2BR9PCsq_1u8jshjEbbrTVlip7o1-3Qpo9BbjwiYXQEfiIEK8jrePPxKGPJodXCrmJbDJ6hsfyKmzCO4EEB9XD7RIFvuyAsA0aidRViP5R0Qrq5JWeqJzEk_wfU6mZL4vFYIOzXCsygorMTNr_w9DSiov70adpJAtaLb_JRIOOwqTpC6FoI4I1F5H&sai=AMfl-YSRZK5weDjlTgZO8mmwILG74I063B2CZssaSt_1zI20u09ha_Fa-OUk3JlYIpGb-3jpo7ftOB1n98p00IdUOCXY8LeeUNxNy0YgyReF1GmtFwTP11Zy7YOqoN5w5q-A&sig=Cg0ArKJSzHEv06IpjmW6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 04 Mar 2022 16:00:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8845
82 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
74fdacf93e6ac74b408bd6aa378e5aa2b721539ce2151a8d116568ebd20d2b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28020
x-xss-protection
0
server
sffe
etag
"1149 / 342 of 1000 / last-modified: 1646408660"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 04 Mar 2022 16:00:36 GMT
prebid_v4_38.js
hb.adpone.com/ Frame 8845
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M2BBpGWXv7xXK1xWrjFgYYL0QT2BHRQP2SPC1NXmyZDvsm1IR3xrimPJucbCiUMRsqPw%2Bv%2FhlbFDawYD57JzuMJ6oopk5JIZ0Y8DVxaWDo5IP%2BVJYikD6VUWIBj5A3xwphFr2ZNWOXvrKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3625c0175c6-LHR
p.html
kloperd.com/r/ Frame AAB2
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=ruuijhyqan&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
d29bY63lVusJghgFxfgCqLMST8ZaRDaQSq9S-d5dnQbj6uWT0-ZVkg==
age
48772
p.html
kloperd.com/r/ Frame 0AC0
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=nul&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ZScEkVybKMTCCDsMBIPlUe9CIjkeoQAuKEZfceApaZsIvfY6-2_g3g==
age
48772
p.html
kloperd.com/r/ Frame 99B9
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=wiwarbj&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
wub4xlXIafj9OsoA3b9tgOIBU7XMDNiC4gm1ZnvRiUBfiyp1_vVEXQ==
age
48772
p.html
kloperd.com/r/ Frame 9E26
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=dqcajjjmku&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
10qLNJyirjUuhFa2HWX-fq4GzQ4aOTyeRymM9NmKRAI1uyugdu9Yxg==
age
48772
p.html
kloperd.com/r/ Frame 841C
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=ylzmyhrz&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
KgcMgTZLy-c7F9HcwL1DQqvh6THP_u5Buxg9HQxc1R44AfdnvRq-Ng==
age
48772
p.html
kloperd.com/r/ Frame 9236
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=htodwi&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
h9NJtZcvcoelpO3KlJI3aNV8s9gOcxfOtFxpi2-6P24k8zQNsfciew==
age
48772
p.html
kloperd.com/r/ Frame C2EA
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
XuHUxBcnhPngy9EpsPxwj09AXKF2Ps4Diwkb_FRpp2GJFdRGVlYv5Q==
age
48772
p.html
kloperd.com/r/ Frame EEEC
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=ecuvtcu&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
h4_ZokAB5c1f_pPA0bfkuuUCr4Bsg37aGKv8l_z-Tg0yFuRKb6-eQA==
age
48772
p.html
kloperd.com/r/ Frame C5EF
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=rlgfure&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
TdZalNWMNomp1e5BvbyEOKmDUlNZYtrtegreP1eZFQiWfEqOcUfLMA==
age
48772
p.html
kloperd.com/r/ Frame 2C94
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=nkpmabwdq&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
EXQi35aphdakeNQrLyXluxh0hQgMC0AS99Twyq0E2SGoL-tkYFXA5w==
age
48772
p.html
kloperd.com/r/ Frame 9AA0
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=pfmaontg&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
EbYj2VPgDtkaPncJ6xYOw8AtLQyn5SoIgYyFRkga-Hq-9zXlxTi-qg==
age
48772
p.html
kloperd.com/r/ Frame 8EC0
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=xorgpkthn&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
gjRTWDuD-c26EcBx7Hx2Ki-cMOckTncNrzwwl6KT6KqtqrDpwSWaSw==
age
48772
p.html
kloperd.com/r/ Frame A8E6
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=faaioergch&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
giTKPjCY6iaGzHUBQ_py5HA7hciUJdFoWT-TN4R8YSL-9V_V_t_TTw==
age
48772
p.html
kloperd.com/r/ Frame 6375
10 KB
3 KB
Document
General
Full URL
https://kloperd.com/r/p.html?f=kquythk&e=1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/t.js?i=uqutdxo4sucg5yf9yxm9g&cb=5673981646409635846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

content-type
text/html
last-modified
Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id
6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server
AmazonS3
content-encoding
gzip
date
Fri, 04 Mar 2022 02:27:45 GMT
etag
W/"38b66a5f20dbb4b4a360733bd2cef070"
vary
Accept-Encoding Origin
x-cache
Hit from cloudfront
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
M41zgAl1VsBvhhOgcjlT_k_YWvoaD2gol3k1Yd9zEja4DFEbpMkh7A==
age
48772
js
www.googletagmanager.com/gtag/
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199748785-31
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70487c009651f1089b756de1415d95e7a7fec53021ad7b3e28b934333020dc1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36635
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Mar 2022 16:00:36 GMT
prebid.js
hb.brainlyads.com/ Frame D4D3
513 KB
156 KB
Script
General
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ade32b1bec47b6f5a0c6f5ecf114cac533a867127db1c11e23ab5c234159f163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 20:52:49 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"621941a1-8034a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sun, 06 Mar 2022 16:00:36 GMT
pubads_impl_2022022801.js
securepubads.g.doubleclick.net/gpt/ Frame 8845
365 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 15:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124783
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 09:34:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Mar 2023 15:23:59 GMT
prebid_v4_38.js
hb.adpone.com/ Frame AAB2
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ruuijhyqan&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5BnxoAvbNWD6uy6rJOwozcswEHhBdFjSkYEnx631iVXv%2BNHmFq6AdC9ixXc3DZRAmtEpr7DFYTImNojW6Kac1txbYWueJY6IkqwVlJyJXFNXcGJhq5oUysUI6%2BHepbjOylt%2B6YVBRtXv%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3633d3f75c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 0AC0
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=nul&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmhPIk8mkYSUU%2BSKfT2pNPPcZ3lvjfIte1h1qpZ36bYV%2B6IEsKjfFIauQUHVoM9nOfqeBzndvc6e3fXDvD7Uikj5cHUFZZzhAyKZb%2FTFQUseUgsyHPwb4KN%2B0sfoND9exMT8R77DpfqA5HU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3636d7c75c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 99B9
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=wiwarbj&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpqOoshw%2BKOBUrHvQ94AeIsShvLRDSLP2B9gzGH6xEWXwn4pCgFuPZSOyYNlri67upfNAvfWMVqc4qtVh5nsDLhz%2BtKICCkWX%2BJfZUWy%2BsL4NG1c3%2FqBaratk26uLtK34okhTe2sAfPFY6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd363adf675c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 9E26
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=dqcajjjmku&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gueCebnmv8Z6FgclBxceMtf%2FGMmMDeehALMCkBYZpPUGt8x%2FX1nu6Vn%2B5CfUbNvj67PpcNibUAYoe7y1wixeQGqdJtmMEwYlYm5tN%2Fh1nn2pSK7WHMtrUimzfpTwlE7TVkMn2Q8kAy1xDVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd363de3975c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 841C
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ylzmyhrz&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNNO%2BDaAIFzcM3mfpw2xmnY9HQG%2BtyNCQ2SuOYKVnp86s2v4ORtcVNp1uXf14KgHLqaRB1tbndvippxLo01GrPrsTiJ8VPTOdg%2FaYwycMZipImSVttGPI228RURO2cqKnVvJu2%2F1zGC%2FdZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd363ee6075c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 9236
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=htodwi&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iy5AQj%2BAi5v3feXqPZl%2BS9piwqbZR5AFO1NB68cEI8iHAZUC7omXGyjep%2Fuj3O%2FjXMZpCKZ0U0wnfwOFqekD41cqUF7diRBupnTe5xlfWg4VBo2r0OWM9d6OBonQ2Qoj3%2FJLbcfoiQc5b8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3641e8e75c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame C2EA
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn4diyIibyYwDxt3fgv9ZXFpkOHe03hiVYCEm5Qi0eXIpgxmP33kPbAiD0In7%2F4h79Z2Yd4wv5h%2Fnh7vGiuAZDQf0HbZkfPtdSV%2FhdsSeCmRiVcCv5XLAKPBKec6rMKP9onk%2F87US2WPYYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3641ea175c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame EEEC
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ecuvtcu&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ve7TXcxkzXIMLGFpseaw8NDd2UzW3v1otE89Uq8bTxhA5CorB%2FPuj4OXArZvj9WxGbErBs%2FFFu3GahL7jla28o4Kve%2ByGgTtQVXoEm5zw1SEiGorSHn2A5niQfgFYdwFPxD7HmVDpbm10I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3641ea575c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame C5EF
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=rlgfure&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0aK2%2BdHsnfb2MGnVwaCY2otes0gcf3NBWhqmz%2BfluuDrShRrBQbjfDcaYizqs30thOwsMmRCJyukpvkLw3B%2FeLFMcuZ%2BRSXp6MVhu3NCzBsCMxb3N7jPX7WWfs41gP4axhD1ZoX%2BDa7QEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3642ec575c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 2C94
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=nkpmabwdq&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Eetz1059iDQ0xsZaLIyY68qw8hlc6CP5zKhKGgICUnL16p4GVEzupD%2BpLW6VjSwt7O5nlamHzZ3AGSAvBKuiYpm9NRyh4yTfhKD8kXOiseYZmddIppjJ6Jt07Sr10WuUTY4g22Uu8bI3mI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3643edb75c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 9AA0
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=pfmaontg&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FHEkZPEyU0ScrrTMwuLP4kEXCy0TUQPEReLFHJHc9riKVL6SJE8%2FpAgDND%2FHR52wly6OZPOfkL%2F8bNWA%2FNRS%2Bc5IY%2FE9tT1NRZhr3zvvbnU1n0vMrmInt35eNBKQMDr3DZI4WpajZ89AhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3644ef075c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame 8EC0
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=xorgpkthn&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bONDdZf3WbgZAldxnGihF6P9Oo11w0qBpMljXh1RTlZvcTw4tzN9Ld5zhvBm36Bzzo764iTVtB9FoJMorKqqQj2a%2BMx%2B%2FG3aeVsFhcGsAGa3AvJjHJ6WhJfCaCxc%2BUKQvMte7MupNJ2tgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3645f1375c6-LHR
prebid_v4_38.js
hb.adpone.com/ Frame A8E6
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=faaioergch&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoiQBcG0UwADRSnrSKRtUA0eVP7%2Fcjb2Q3JNNVDiyJkE%2BKUa7o3FGQlY9tSnuhsBFBIwUHQaGHaKrK6p%2B5A2x%2BogVLiXcL8qlHBkl1ZxP1H%2F7NUw7q0slX5%2Bo9pGmYKtfvq%2FZb8h1u467yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3645f2f75c6-LHR
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199748785-31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6944
date
Fri, 04 Mar 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 04 Mar 2022 16:04:52 GMT
prebid_v4_38.js
hb.adpone.com/ Frame 6375
368 KB
109 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_38.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=kquythk&e=1959133272352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2710
x-amz-request-id
SJQZG5RTHDHK4F40
x-amz-id-2
Ulvj28FKxRryuLPZIwkii4Mi6JtzqNKV9IKEYoeLjDPTNO73Wvjp8YtuA2Wvl7Xy9thjtSlyMUA=
last-modified
Thu, 06 May 2021 15:08:19 GMT
server
cloudflare
etag
W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZ5KsnxMEiWQrQ4msiGXulHI4hx6SYmLf3bBS6eM9TIhrxBTwnsniGutJlV%2BoPE4qQYCjeM3iJrIRj6slLfYUqXXt4fP5zZUrKEO2BMLNMVKf3XQzYEz3CvmTX1nG5taqZ1FjnAq2elTc5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray
6e6bd3647f5875c6-LHR
integrator.js
adservice.google.de/adsid/ Frame 8845
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pixeldrain.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8845
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pixeldrain.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8845
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=384220114077430&correlator=4006538176132925&eid=31064685%2C31065288%2C31065442%2C31065497%2C21064372%2C31065400%2C31065430&output=ldjh&gdfp_req=1&vrg=2022022801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=21671350435%3A22665475421%2C160x600-299__pixeldrain.com_.___default__160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cookie=ID%3Da63ec44ca2465819-22568a6554cd00bf%3AT%3D1646409635%3AS%3DALNI_MY-uO4QHZTH-NGLvO0EUqJgSHir_A&cdm=pixeldrain.com&abxe=1&dt=1646409636609&lmt=1646409636&dlt=1646409636127&idt=458&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1440&adys=157&ucis=m96sjb8yl8tr&adks=4029182972&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fpixeldrain.com%2Fu%2FDYhuEsXr&top=https%3A%2F%2Fpixeldrain.com%2Fu%2FDYhuEsXr&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x600&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1521597001.1646409637&ga_sid=1646409637&ga_hid=849725495&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
88714a4abee884f6dcc13efd84a988d1d6b1edd861f6344ad6a8e21d9c4d1d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12059
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pixeldrain.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8845
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
230b5ccea2021d7d4538236da23f5639ad3b56a57489374d32713637b6f24882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10578
x-xss-protection
0
container.html
124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8C9
6 KB
0
Document
General
Full URL
https://124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 04 Mar 2022 16:00:36 GMT
expires
Sat, 04 Mar 2023 16:00:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid
ib.adnxs.com/ut/v3/ Frame AAB2
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ec863800c69f561a5bd5df8cc7bdec6cbc4ae9917a28e0a96fd81df38d55aba2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
88f3877e-19cc-458a-a3c6-86bc19b600e7
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame AAB2
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0xZTkyMjNlOC05NTFkLTRkZTEtYTBjMy00MzJkODRhODZiZTQ%3D&pt=gross&stid=f130b433-5ae0-4a7a-87b7-2a233757a583&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame AAB2
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=1338452708
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adjson
ads.betweendigital.com/ Frame AAB2
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame AAB2
73 B
376 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1e9223e8-951d-4de1-a0c3-432d84a86be4&nocache=1646409636652&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636342&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4919ba2d628b1e13b760c0a80012a76e1b474780adf617fe62a6d287c8138263

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame AAB2
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame 0AC0
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0wNjM5YWJhNi1hNzEzLTQ2OWYtOWViYS03NThiNjM3NmY4MjQ%3D&pt=gross&stid=aedb85c6-c770-4ab3-8d12-d8f3dca63b4d&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 0AC0
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
adjson
ads.betweendigital.com/ Frame 0AC0
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 0AC0
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f58f007ec184ea7bac8cdf0ec91417ed3b0d502d45d0ec0b10cd6f0a25ca31ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dd03e10b-3506-4ff9-9144-8daad3098c33
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 0AC0
73 B
145 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0639aba6-a713-469f-9eba-758b6376f824&nocache=1646409636677&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636371&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
02adf012dfa8a3dfe10f21fba5d496559fdbd63d831d5acbb75472f97563ebfa

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 0AC0
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=30826177950
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 99B9
73 B
145 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=598f0858-1455-49f1-8177-c0eb19e5a33c&nocache=1646409636731&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636415&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
8853df37d62103b821f9da9119a737d30c481619cd2cd08072cbe3c9b0a4b314

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 99B9
5 B
482 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD01OThmMDg1OC0xNDU1LTQ5ZjEtODE3Ny1jMGViMTllNWEzM2M%3D&pt=gross&stid=5fb21cbc-81d9-4869-b2c4-9cdbee11b880&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 99B9
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
816783f14d2f4d5e75a59c00225f3bd62949ba0ed22496330a6916bc0d2b2b35
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
47bcd586-a2eb-438e-a1a3-9f06c47fc164
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame 99B9
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ Frame 99B9
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=22856546488
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 99B9
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame 9E26
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD1iMmZlZmUwYi01ODA5LTRmM2YtODVkOC1mNDRmMWQ4OGFmMjA%3D&pt=gross&stid=7b0dce35-5053-4578-95e2-30b9af418348&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 9E26
73 B
145 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=b2fefe0b-5809-4f3f-85d8-f44f1d88af20&nocache=1646409636748&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636433&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
3c0c388e728c9320a5d2d5aaa053091b053be9e935905fbdfe0018332278c7ff

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 9E26
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=49582581001
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 9E26
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
adjson
ads.betweendigital.com/ Frame 9E26
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 9E26
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c9cb22ba37abcff94f1d39240acf6f126ee55ca17f3974295d941dec4be866e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:36 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c7988aa3-8ac5-4724-8523-be9fc0e61cf3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 841C
13 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
57d78baceb6ea0dc53d7a5c1e76307068dfcd90d81b1cd0e6a4f02e03ef6d1ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3c5eb8ac-693b-4dfd-915b-9a90a0821c94
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 841C
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
adjson
ads.betweendigital.com/ Frame 841C
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame 841C
72 B
100 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=5639f586-e6c8-4d83-826b-ffe630defc4a&nocache=1646409636761&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636456&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
d801a6bd2d5f3db41792436ce95098ecf92a334ceb6d9d6e8dc6fcd0490d39a1

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 841C
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=61350909630
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame 841C
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD01NjM5ZjU4Ni1lNmM4LTRkODMtODI2Yi1mZmU2MzBkZWZjNGE%3D&pt=gross&stid=d58d8dc2-6785-4647-99a3-acbf22fb6c9f&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 9236
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
38dabdbd3879de34054b47802ef7b4e697386db3d00661a9d3d24674736b121b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fbeadecc-1e10-4fc1-9fc7-df5ba754e159
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 9236
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 9236
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=96430140337
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adjson
ads.betweendigital.com/ Frame 9236
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ Frame 9236
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD1lMzhlN2JiYS02NWYxLTQ4MDYtOGQ1My00MWRiMTU5OGQyZTI%3D&pt=gross&stid=3a0c59d4-7c5d-4875-ae60-fcdfacaf9015&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 9236
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e38e7bba-65f1-4806-8d53-41db1598d2e2&nocache=1646409636799&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636469&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
31ebc2dd9988cd76b54eb398aaad2da83cc690738053865271ff1864d41a9c80

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C5EF
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
775833c4ab855c35734aeff9682f0cbd9f277375054e2adcdfec01ab836c1618
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f57067ca-69cd-458e-9964-9bb625c046a3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame C5EF
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame C5EF
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame C5EF
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=35ea2a72-af01-466a-81c6-786edfec4ef6&nocache=1646409636845&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636495&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
2453447de00540f2af86f05dc03cc6bdaf35084421b9e7ea52cf3574a2026fdd

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame C5EF
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0zNWVhMmE3Mi1hZjAxLTQ2NmEtODFjNi03ODZlZGZlYzRlZjY%3D&pt=gross&stid=4fc0d16c-3116-4dfe-8701-d82316a0bc67&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame C5EF
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=92536440717
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 2C94
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ac0bf7475310a2a72128b2a002b451b6653b55591850d5bdc36f47b28baa96d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0d003515-7f04-484f-a4ef-55123136fe33
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 2C94
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=45248051168
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 2C94
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=79c3f075-3b61-4716-be04-5759f5b077db&nocache=1646409636856&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636503&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
385b26d810fc09eb49a5ba157fecff4079e35a65d328557f4b9539783813cc9e

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame 2C94
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame 2C94
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame 2C94
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD03OWMzZjA3NS0zYjYxLTQ3MTYtYmUwNC01NzU5ZjViMDc3ZGI%3D&pt=gross&stid=f6c19d75-d160-422d-9daf-feb6db23b548&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame EEEC
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6539ff7208f803b3400ebc146bf81ffc85290b4e1fc1962c53e230167548da32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c45c68bc-0904-4aba-a828-e3471e997afb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame EEEC
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0yMmE3YmY5YS0yNzM5LTRiYmMtYjVjZS1jYTI5OTUzNjkyNzY%3D&pt=gross&stid=13b9f697-278f-431a-8b78-2a13f4179caa&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame EEEC
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=69114138310
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame EEEC
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=22a7bf9a-2739-4bbc-b5ce-ca2995369276&nocache=1646409636865&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636488&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
77b7a287b43a39795f69e1a02dd7575ad5b9d2b572b0883fb6c4f347f6249a02

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame EEEC
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
adjson
ads.betweendigital.com/ Frame EEEC
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ Frame 9AA0
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=96220286093
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 9AA0
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
69eec237f67ffbc276dadb9f4c1753933fddec624ce86d135e74276647e7f448
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
74bd5f88-b282-4841-bce3-2f1642be73de
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 9AA0
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
adjson
ads.betweendigital.com/ Frame 9AA0
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ Frame 9AA0
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0zNDI5NzY0NC05YmI1LTQzMDAtYTA5Yi03ODAzMTg3ZTNmNmM%3D&pt=gross&stid=487a5dfa-c6f3-4b84-b9bf-89af1ac31a92&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 9AA0
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=34297644-9bb5-4300-a09b-7803187e3f6c&nocache=1646409636873&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636511&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
f49df63ac1474f1835471a10fa33641888b0af5eee53c10da142fe11befc56cb

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame A8E6
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=11095925044
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame A8E6
138 B
823 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
967558ed8abca4a09f872aee7af446391fb8addc154f48bca0f9155ea6de35e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0257bf8f-2281-43d2-bbea-cc0650d17ef4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame A8E6
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame A8E6
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD0yOWVmZTM5ZC1jZDNiLTQyZTItOGE2NC1iNmRhNTA1MTIxMjc%3D&pt=gross&stid=b90873a2-28f2-45d5-a9ef-5f42538b6d57&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
adjson
ads.betweendigital.com/ Frame A8E6
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame A8E6
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=29efe39d-cd3b-42e2-8a64-b6da50512127&nocache=1646409636889&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636528&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
bcda11788d3022977ea450aa114de8909bb38a269bb8dee0d993b45ee74f7114

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8845
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 16:00:37 GMT
v1
prg.smartadserver.com/prebid/ Frame C2EA
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame C2EA
16 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0cd78f7e5c694e1b272e568ef72dbd0a8132b8a15552aae85c7494f08de24e48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c1675fcc-9671-4719-8d3f-44d0a43f165f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame C2EA
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=18068601661
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adjson
ads.betweendigital.com/ Frame C2EA
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adpone-d.openx.net/w/1.0/ Frame C2EA
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f8f866d1-e2cd-43fc-8005-bba9db970e77&nocache=1646409636904&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636478&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
018b31eac0a7945bfa736671200ff5c7feb07d2419c85e196526eb9a8e6fb247

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame C2EA
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD1mOGY4NjZkMS1lMmNkLTQzZmMtODAwNS1iYmE5ZGI5NzBlNzc%3D&pt=gross&stid=9ade8943-adf3-4e10-bb80-cd6bf07bd711&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame 6375
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD1mZmJiNmE2OC0xNTEzLTQ1NmMtODcyOC0zNzk1OWE4OWM2NjQ%3D&pt=gross&stid=21bdf968-11f2-4c5f-b12b-941f8b2bd361&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 6375
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=7788489017
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 6375
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f35d5db4356384d45e39d73708d5ad2fef15655340a30652f675204d803cc85c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ed9202a-cf68-4e30-bb54-8fe82c0cfd3a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 6375
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 6375
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ffbb6a68-1513-456c-8728-37959a89c664&nocache=1646409636916&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636541&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e69503c254511309f0bf462624e54f96cd56c875fb4d21a570e02a74cf611e9e

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame 6375
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ Frame 8EC0
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=91359243508
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 16:00:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://kloperd.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 8EC0
0
333 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://kloperd.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 8EC0
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
25269af52b17154256ead268251fc10150c40fa1490324ad11c34f3ad0cc80a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
54740169-f1d8-4b05-bc2e-fa014eea403c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 8EC0
5 B
481 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyMDA5NDcmdHJhbnNhY3Rpb25JZD02ZjZlZGQ0Yy02ODdlLTQ1NmItYTNkNS0wNDM2ZjA5ZWRkYTM%3D&pt=gross&stid=4e0f624a-b37e-4ef6-bace-0de09e1f084b&fd=1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://kloperd.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 8EC0
73 B
101 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpixeldrain.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=6f6edd4c-687e-456b-a3d5-0436f09edda3&nocache=1646409636930&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1646409636520&auid=545739374
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
42e2ae1549344309792056adec51ce8016b52e9adfb71afae09290171dc9eb9f

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:36 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kloperd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame 8EC0
2 B
339 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kloperd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=40863377&t=pageview&_s=1&dl=https%3A%2F%2Fpixeldrain.com%2Fu%2FDYhuEsXr&ul=en-us&de=UTF-8&dt=Prv5445.jpg%20~%20pixeldrain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2056580406&gjid=1116270189&cid=1819317573.1646409636&tid=UA-199748785-31&_gid=7588051.1646409637&_r=1&gtm=2ou320&z=1434596414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pixeldrain.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pixeldrain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022202072236000/ Frame BFFF
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c141103b57e547274799df03069c30320e8cb3ec4facad8e6fe7f658f985fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
558178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61570
x-xss-protection
0
server
sffe
date
Sat, 26 Feb 2022 04:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"55d07b8fd23efb21"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 26 Feb 2023 04:57:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022202072236000/v0/ Frame BFFF
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
558178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Sat, 26 Feb 2022 04:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 26 Feb 2023 04:57:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022202072236000/v0/ Frame BFFF
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
558178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Sat, 26 Feb 2022 04:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 26 Feb 2023 04:57:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022202072236000/v0/ Frame BFFF
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
558179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Sat, 26 Feb 2022 04:57:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 26 Feb 2023 04:57:38 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022202072236000/v0/ Frame BFFF
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
558178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Sat, 26 Feb 2022 04:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 26 Feb 2023 04:57:39 GMT
css
fonts.googleapis.com/ Frame BFFF
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 15:31:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Mar 2022 16:00:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Mar 2022 16:00:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BFFF
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
47051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 05 Mar 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BFFF
344 B
449 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
82892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 04 Mar 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame BFFF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNw-lrMDRDBHSUqPPxajegPYdtSQo1x80UrKGejNwKCZz_Ar5UICesx81hd6875VdAlVq59iACkREqzoABlepDC0yRBA
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame BFFF
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxfGXpDciYvjIKaG6lQfS4JLYCevR6qZo4Z7fhZQP0630_QgQASDW5sVYYPkFoAGJlvXvA8gBCeACAKgDAcgDCqoE6AFP0MVJHD9zaQODIelLdNPJp0CoBmUwnvgvd2IJuyvV3LMHKYld1lQUD6IW_ZBDAfPBu5tJ4x0w4IIEzKKHjRDT1sejXoHioprcXmE1e8E0EXadWBUdD-iu0u0LMJOaCsquuyg2czgGKIzJx1HtlTng1Feu2bPj3jZ74tNsEvhEk36kJAF9qi1QS_u3rp0DjHYG89AA7lKAI3lFSBEPrSLo3u0soYZoMckJs2lT_LTOuUTnjb3CWk_gSS5aUJ3hPeUbRm4_uAvNpZrWQwTzTI_09F_0PS_qa_ievDzUiC5DNVV_sc5ssPxuwASkjqOLkATgBAGgBi6AB9_pihCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDb8AHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05NTA4NjI5OTY2MDk3NzkzgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIxMjg3NTcxNjc4MTI2NjMY3O1q&sigh=ZDC2JDs0dr4&uach_m=[UACH]&template_id=484
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88BF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Mar 2022 15:23:34 GMT
expires
Sat, 04 Mar 2023 15:23:34 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2223
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B864
783 B
999 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da937cf0f16decad13192ba0eda2d12924e94c888fca1e84f9b8f74bd1e8f1c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JsxLyJqwiL4rbqCwzYbY9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 04 Mar 2022 16:00:37 GMT
date
Fri, 04 Mar 2022 16:00:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JsxLyJqwiL4rbqCwzYbY9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 996E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTYOej0XWOTNgdQ6fCm2lCYt0v1EIYa2n3qm4PzZM7i8eMMvMTuH3baes4qlAhLE4yr6PbV4gqTLbi35SzF4k5O-GddioVk6RgzXqe3pIiSkpz0UV4&sig=Cg0ArKJSzOqJPve0kDmWEAE&id=lidar2&mcvt=1001&p=157,1440,757,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220302&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3672245420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646409635841&rpt=235&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rd_log
fra1-ib.adnxs.com/ Frame 6CCB
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGELSQ45-Hj43YeBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiz2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHs9gF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=a4927f497d3b0ba74d93de477ffbe14dde4a5539&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnul%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnul%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
227cc7d2-5ee9-4f44-b562-d94fe8afe8e2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 6CCB
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716526
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19283-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.197074,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 377526
it
fra1-ib.adnxs.com/ Frame 6CCB
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGELSQ45-Hj43YeBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiz2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7PYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=6d93adc1e2302811864859fe9caf67696272c26e
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ddaa569-1760-466f-b32f-e6ec565c7086
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame 6CCB
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D1B8
Redirect Chain
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=750280252
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
82 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ylzmyhrz&e=1959133272352
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c46e294b9f60f10b21bd6adc61a09a443ed5b951484039d7d67f852b43066f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28020
x-xss-protection
0
server
sffe
etag
"1149 / 199 of 1000 / last-modified: 1646408612"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 04 Mar 2022 16:00:37 GMT

Redirect headers

date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 04 Mar 2022 16:30:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame D1B8
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QLFDuhFBwAAAwDWAAUBCKTviJEGEJe1s_bsqrvqERgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF44tUFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzYpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLhBSFLcElvdXdqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ008GU3b0RDVVpTUVRFNk5EUXlNZUFENFMyQUJJbnE4QVNJQk55WjVBZVFCQUNZQkFTeUJBa0k5LVFTRUtEb2lnMnlCQW9JMWZxTERoQ2c2SW9OdWdRZkNJVUVFWnFabVptWm1ja19HUUEB7wUBIElPTHhxQTBnMQE0LHJvRUdRaVFDaEdhbQEsGFptcFB4a0EVARxDRDM1QkxCQhERFE5BX3lRUREOIEFBTmdFQVBFRRkReENJQmNVaW1BWHN6NXlCQWFrRnhqTm82Sl9nN0QteEIdOwh3UVUZNwhNa0YRDQw4RF9SLigAADIVKLhEd1AtQUZyQWZ3QmRtcmtRajRCWXlwRzRJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHQRFRKEVDb0JnU3lCaVFKERMMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFlaEphRkE65QIsSXUwbGdFZ0FDZ0FNFdlQQkFPZ2xHVWtFeE9qUTBNakZBNFMxFXkIOEQ5HXkAQh15AEIVeQwwRDlwCYEBAQRCeAEGCQEQQjRBSWs1jMg4RDgu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEAoGQURWX0lEEgaJPjDyAhIKBkNQR19JRBIIkRgBFQgFQ1ABFAAJlQ4Q8gINCggBPRRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQAHjaoA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MjcjRlJBMTo0NDIx2gQCCAHgBAHwBJ_BICCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt0AAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG_wHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOKIKQADIB-LVBdIHDRV0ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=077362629b874325d0b759e2d19b254bedd4e311&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dylzmyhrz%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dylzmyhrz%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
be3410ea-2b40-481c-b9d0-b8a99968a5f8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame D1B8
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.195330,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933091
it
fra1-ib.adnxs.com/ Frame D1B8
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKvDOgvBgAAAwDWAAUBCKTviJEGEJe1s_bsqrvqERgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF44tUFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzYpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLhBSFLcElvdXdqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ008GU3b0RDVVpTUVRFNk5EUXlNZUFENFMyQUJJbnE4QVNJQk55WjVBZVFCQUNZQkFTeUJBa0k5LVFTRUtEb2lnMnlCQW9JMWZxTERoQ2c2SW9OdWdRZkNJVUVFWnFabVptWm1ja19HUUEB7wUBIElPTHhxQTBnMQE0LHJvRUdRaVFDaEdhbQEsGFptcFB4a0EVARxDRDM1QkxCQhERFE5BX3lRUREOIEFBTmdFQVBFRRkReENJQmNVaW1BWHN6NXlCQWFrRnhqTm82Sl9nN0QteEIdOwh3UVUZNwhNa0YRDQw4RF9SLigAADIVKLhEd1AtQUZyQWZ3QmRtcmtRajRCWXlwRzRJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHQRFRKEVDb0JnU3lCaVFKERMMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFlaEphRkE65QIsSXUwbGdFZ0FDZ0FNFdlQQkFPZ2xHVWtFeE9qUTBNakZBNFMxFXkIOEQ5HXkAQh15AEIVeQwwRDlwCYEBAQRCeAEGCQEQQjRBSWs1jPDXOEQ4LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MjcjRlJBMTo0NDIx2gQCCAHgBAHwBJ-j0KIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5o2AUB4AUB8AUn-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG_wHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOKIKQADIB-LVBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=5522410d6c608b4dbfd8e6ff217feb3b03806a13
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ef90c02-2463-4de2-8426-e8d5d3537813
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13310236275356373184/ Frame BFFF
27 KB
27 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13310236275356373184/2076313506083323656
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae41d1801e59d6ff92893ef85d890d81860c7115fbad308319d0799a7c32312c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Feb 2022 03:39:37 GMT
x-content-type-options
nosniff
age
562860
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27910
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 14:36:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 Feb 2023 03:39:37 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5583798034054926693/ Frame BFFF
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5583798034054926693/downsize_200k_v1?w=100&h=100
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90fb9564af2a051526dc11a85ade868a941dcbbabd941839b151f0537e81f800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 12:49:07 GMT
x-content-type-options
nosniff
age
270690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1607
x-xss-protection
0
last-modified
Thu, 20 Aug 2020 10:42:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Mar 2023 12:49:07 GMT
truncated
/ Frame BFFF
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BFFF
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5dd8a7f2df48587f09526eb587b43d8b21fde01e52745f86cf6fcb70f7a2d05

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BFFF
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pixeldrain.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
244362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BFFF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pixeldrain.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 11:22:37 GMT
x-content-type-options
nosniff
age
189480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 11:22:37 GMT
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame 9D6B
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame 9D6B
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGENmAwfjYhd-ncBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXil2QWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSVnNaRWdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTBORFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUtxa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJCUUpadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1NDQ02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHpdkF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=e17b13fcca14587175a89cf894fbfb0f3fa7b10b&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Drlgfure%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Drlgfure%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0346ec2c-9ad3-45cf-8c72-bdb2ddc97515
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 9D6B
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.212830,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933092
it
fra1-ib.adnxs.com/ Frame 9D6B
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGENmAwfjYhd-ncBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXil2QWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSVnNaRWdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTBORFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUtxa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJCUUpadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1NDQ02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB6XZBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=28982ffe92954f16bb6a457668d29b6d31613675
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d33ef70-1b3c-43ed-b82a-0b1bace101e4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame 2A42
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame 2A42
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGEL2z8cHs--CucBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXj4yASAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFFRnMtOUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNOekRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXS0xha0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJoU2Vadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Nzcw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgH-MgE0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=621f49eeb91984afeabf0a4521e2ebf4bd97e557&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dwiwarbj%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dwiwarbj%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e35ca26c-2a1b-456f-911a-bb639ff4418e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 2A42
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.226068,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933093
it
fra1-ib.adnxs.com/ Frame 2A42
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEL2z8cHs--CucBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXj4yASAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFFRnMtOUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNOekRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXS0xha0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJoU2Vadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Nzcw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB_jIBNIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=83b7f119363596ce3f3d4df642ddfac376055f77
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da014fcb-ceef-401d-94ee-ca50f957b166
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame 8380
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame 8380
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGEMXbxceauOquQRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXi61wWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFRMXVPRUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVXhPVERnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYR0tLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITFoUjhaZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1MTkw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHutcF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=fb9ea7a3d7d9a591a638ed8d638522cc50d6efa0&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dhtodwi%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dhtodwi%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
590412d1-221e-4e3a-ad0c-a88063406b47
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 8380
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716526
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19283-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.228062,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 377527
it
fra1-ib.adnxs.com/ Frame 8380
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEMXbxceauOquQRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXi61wWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFRMXVPRUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVXhPVERnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYR0tLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITFoUjhaZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1MTkw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7rXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=c74970afb86101c62cacfb6e3d5039e6daee806b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
20f93320-1660-433d-be6f-941bec412c84
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B864
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022801&jk=384220114077430&rc=
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

script.js
acdn.adnxs-simple.com/strikeforce/ Frame ED0E
112 KB
39 KB
Script
General
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
37846
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
39847
X-Served-By
cache-lga21960-LGA, cache-lhr7364-LHR
Access-Control-Allow-Origin
*
Last-Modified
Wed, 19 Jan 2022 12:36:35 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1646409637.321019,VS0,VE0
ETag
W/"61e805d3-1c12c"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 02 Mar 2022 05:29:46 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 9778
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame ED0E
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame ED0E
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.244756,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933094
it
fra1-ib.adnxs.com/ Frame ED0E
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKXviJEGENDLh6nloMSzdxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXibyQSAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNyk7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFQVnZIRGdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXMExLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITNoUzFhQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB5vJBNIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=e00980cdfc7fc8e64d17a452054a57a62af7b096
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1cd07908-f870-475d-91b5-387285ecbec5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6CCB
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGELSQ45-Hj43YeBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiz2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7PYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=6d93adc1e2302811864859fe9caf67696272c26e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1caf8a68-7d0b-4ba1-bd9a-0888e7cbd0a8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 88BF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
154076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 21:12:41 GMT
vevent
fra1-ib.adnxs.com/ Frame 9D6B
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGENmAwfjYhd-ncBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXil2QWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSVnNaRWdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTBORFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUtxa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJCUUpadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1NDQ02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB6XZBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=28982ffe92954f16bb6a457668d29b6d31613675&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc424745-17d3-437f-865f-1a21f0242599
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 8380
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEMXbxceauOquQRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXi61wWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFRMXVPRUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVXhPVERnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYR0tLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITFoUjhaZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1MTkw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7rXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=c74970afb86101c62cacfb6e3d5039e6daee806b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
afff01b5-822a-41c8-96f2-4c820b56d416
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame D1B8
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKvDOgvBgAAAwDWAAUBCKTviJEGEJe1s_bsqrvqERgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF44tUFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzYpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLhBSFLcElvdXdqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ008GU3b0RDVVpTUVRFNk5EUXlNZUFENFMyQUJJbnE4QVNJQk55WjVBZVFCQUNZQkFTeUJBa0k5LVFTRUtEb2lnMnlCQW9JMWZxTERoQ2c2SW9OdWdRZkNJVUVFWnFabVptWm1ja19HUUEB7wUBIElPTHhxQTBnMQE0LHJvRUdRaVFDaEdhbQEsGFptcFB4a0EVARxDRDM1QkxCQhERFE5BX3lRUREOIEFBTmdFQVBFRRkReENJQmNVaW1BWHN6NXlCQWFrRnhqTm82Sl9nN0QteEIdOwh3UVUZNwhNa0YRDQw4RF9SLigAADIVKLhEd1AtQUZyQWZ3QmRtcmtRajRCWXlwRzRJR0ExVlRSSWdHQUpBR0FaZ0dBS0VHQRFRKEVDb0JnU3lCaVFKERMMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFlaEphRkE65QIsSXUwbGdFZ0FDZ0FNFdlQQkFPZ2xHVWtFeE9qUTBNakZBNFMxFXkIOEQ5HXkAQh15AEIVeQwwRDlwCYEBAQRCeAEGCQEQQjRBSWs1jPDXOEQ4LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MjcjRlJBMTo0NDIx2gQCCAHgBAHwBJ-j0KIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5o2AUB4AUB8AUn-gUECAAQAJAGAJgGALgGAMEGAR8wAADwP9AG_wHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOKIKQADIB-LVBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=5522410d6c608b4dbfd8e6ff217feb3b03806a13&type=nv&nvt=5&jm=1003&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a6e234a-bb92-4a20-a07a-7d881fedbd57
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022022801.js
securepubads.g.doubleclick.net/gpt/ Frame D1B8
365 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=750280252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 14:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124783
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 09:34:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Mar 2023 14:53:36 GMT
vevent
fra1-ib.adnxs.com/ Frame 2A42
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEL2z8cHs--CucBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXj4yASAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFFRnMtOUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNOekRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXS0xha0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJoU2Vadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Nzcw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB_jIBNIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=83b7f119363596ce3f3d4df642ddfac376055f77&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a9736a5-e101-440d-a987-7b55ff44570e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://kloperd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.6
date
Fri, 04 Mar 2022 16:00:37 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame ED0E
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kloperd.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rd_log
fra1-ib.adnxs.com/ Frame ED0E
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKXviJEGENDLh6nloMSzdxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXibyQSAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNyk7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFQVnZIRGdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXMExLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITNoUzFhQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHm8kE0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=236b7bc56f5d8e712797bb3e01ee9ad87963c625&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnkpmabwdq%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dnkpmabwdq%26e%3D1959133272352&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8dc1b362-44da-4e10-b0f4-5be927449041
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame D1B8
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kloperd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D1B8
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kloperd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=2618855297821412&lenfreqs=425%3A1&vrg=2022022801&nw_id=8951970&nslots=1&eid=31064961%2C31065485%2C31065498%2C31065515%2C31062930&pub_url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dylzmyhrz%26e%3D1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ylzmyhrz&e=1959133272352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame D1B8
479 B
297 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2618855297821412&correlator=3357489011269287&eid=31064961%2C31065485%2C31065498%2C31065515%2C31062930&output=ldjh&gdfp_req=1&vrg=2022022801&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=8951970%2Cdatapoint%2Cdell_corporation_limited_uk_oli_344512_AdDaptive&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVMGopE5Agz8f3jFEZ_x7PwAAAIDC9eA_H94xRGf8ez9VwaikTkCDP5fazM5W7dQREPXFSnLGv2SkNyJiAAAAADokYgEYKAAAOwMAAAIAAACfEVQUC5olAAAAAABVU0QARVVSAKAAWAL2ogAAAAABAQUCAAAAANgARyV8IgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ehJaFAj2298YEJ-j0KIBGIu0lgEgACgAMQAAAAAAAABAOglGUkExOjQ0MjFA4S1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODI3I0ZSQTE6NDQyMQ%3D%3D%2Fbn%3D92898%2Fclickenc%3D&prev_scp=%2525CUSTOM_TARGETING_KEY_1%2525%3D%2525CUSTOM_TARGETING_VALUE_1%2525&cdm=kloperd.com&abxe=1&dt=1646409637446&lmt=1646409637&dlt=1646409636461&idt=966&ea=0&biw=-12245933&bih=-12245933&isw=160&ish=600&oid=2&adxs=0&adys=0&ucis=v4lvdvtl2ksu&adks=2906322180&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dylzmyhrz%26e%3D1959133272352&top=https%3A%2F%2Fpixeldrain.com%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=160x600&msz=160x0&ga_vid=739109976.1646409637&ga_sid=1646409637&ga_hid=423133713&ga_fc=false&fws=256&ohw=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f598cb1431a426b18ef3ace3598b2b25dfc71c7d49326038aa9f5bb8528604bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kloperd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B76
6 KB
3 KB
Document
General
Full URL
https://1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 04 Mar 2022 16:00:37 GMT
expires
Sat, 04 Mar 2023 16:00:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/ Frame 836F
82 KB
83 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981878/6785c16c-01f1-4da1-94ec-2e3b6f699343.jpg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Last-Modified
Wed, 01 Sep 2021 11:27:26 GMT
Server
nginx/1.19.0
x-amz-request-id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
X-Clv-Request-Id
dcdcb26e-2ad0-466a-b23b-d87227eb6725
ETag
"881f94d9050c487cd616687b1840e96f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84255
Expires
Mon, 18 Apr 2022 16:00:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame 836F
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKXDOgXBgAAAwDWAAUBCKTviJEGEPaH3LPFmdXbVRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiy2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAcAu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL_ICEQoGQURWX0lEEgcxaRkFFAhDUEcFFBg0MjkzMTU1ARQIBUNQARNgCDM1OTk4NTI38gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYMA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHstgF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=7ea763b5d411af06bd96543b894d6fb90eb863a3&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Druuijhyqan%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Druuijhyqan%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
55dfdc21-e971-4457-a64b-b19a7a93a822
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 836F
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409637.469650,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933096
it
fra1-ib.adnxs.com/ Frame 836F
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEPaH3LPFmdXbVRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiy2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7LYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=fc1946d85db9c19fb59e8768359458687039f9b1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
88de4598-795d-4dfd-8e36-c2536ffbd7f6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame ED0E
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKXviJEGENDLh6nloMSzdxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXibyQSAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNyk7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFQVnZIRGdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXMExLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITNoUzFhQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB5vJBNIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=e00980cdfc7fc8e64d17a452054a57a62af7b096&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af4e6bdd-7453-4660-99a7-f871f092873c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 836F
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEPaH3LPFmdXbVRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiy2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7LYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=fc1946d85db9c19fb59e8768359458687039f9b1&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=600&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
18c20658-20e1-44cb-a647-bebeba1a0aac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 88BF
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?2qH-6A
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D1B8
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7882a28f362b4f8a015fe93b64f58a431a89064852a6ba657f7d23f981d03b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10594
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1BDC
Redirect Chain
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=1281320897
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
82 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
bf672891d81b29b347b7fb1b066cb7a3a4e62d29a9bd64c42debed6014c64ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28015
x-xss-protection
0
server
sffe
etag
"1149 / 46 of 1000 / last-modified: 1646408612"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 04 Mar 2022 16:00:37 GMT

Redirect headers

date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 04 Mar 2022 16:30:37 GMT
rd_log
fra1-ib.adnxs.com/ Frame 1BDC
0
813 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QLBGOhBDAAAAwDWAAUBCKXviJEGENf08NKFspKqfRgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF4pNYFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzcpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLdDyFTSmR5Y3dqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ002DdvRENVWlNRVEU2TkRjNU9PQUQ0UzJBQklucThBU0lCTnlaNUFlUUJBQ1lCQVNxQkxvSENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAAxVRkJZERwBAQRBVzZMAABhNkwAAHcBJBEBGEFYZ0JnQUgRDwV8AGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAEHFBSUFzOhQAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLhUCAfQ2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC3wAQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQANhzZ1FKQ1Bma0VoQ2c2SW9Oc2dRS0NOWDZpdzRRb09pS0Rib0VId2lGQkJHYW1abVptWm5KUHhroesJARxDRGk4YWdOSQU0MDY2QkJrSWtBb1JtcG0FLgxxVDhaCSkFARxnOS1RU3dRUQUNHEFBRFFQOGtFDQ0BEBRZQkFEeEIBCw0BeGlBVy1KWmdGN00tY2dRR3BCY1l6YU9pZjRPd19zUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmF3SDhBWFpxNUVJLUFXTXFSdUNCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJnQQlbLEFCQXFBWUVzZ1lrQxFkDEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWl4SU5HUTrhByxJdTBsZ0VnQUNnQU0VNVRCQU9nbEdVa0V4T2pRM09UaEE0UzFKAXEBAQw4RDlSAQgJAQBCPWkEQmgJFBRBQTBEOXARDAxBQUJ4HQwMNEFJazVsyDhEOC7YAgDgApuFTuoCF2h0dHBzOi8vcGl4ZWxkcmFpbi5jb20v8gIQCgZBRFZfSUQSBhY6CTDyAhIKBkNQR19JRBIIHhQJARUIBUNQARQACSIKCRDyAg0KCAE9FEZSRVESAQkQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc1FqYJAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3-rFAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw1LjE4Ny4yMS4xMDSoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQNODI3I0ZSQTE6NDc5ONoEAggB4AQB8ASfDhwLIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAuAYAwQYBHzAAAPA_0Ab_AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ogpAAMgHpNYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHqrkRiggCEAA.&s=e15452eb9c28e46e2408b9f28c066eac0ada5820&bdref=https%3A%2F%2Fpixeldrain.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpixeldrain.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352&
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a8dd7808-2faf-4af6-aa1e-a16133a56f00
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 1BDC
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 16:00:37 GMT
Content-Encoding
gzip
Age
716528
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21933-LGA, cache-lcy19233-LCY
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1646409638.580038,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 933097
it
fra1-ib.adnxs.com/ Frame 1BDC
0
813 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpixeldrain.com%252F&e=wqT_3QKrFugrCwAAAwDWAAUBCKXviJEGENf08NKFspKqfRgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF4pNYFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzcpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLdDyFTSmR5Y3dqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ002DdvRENVWlNRVEU2TkRjNU9PQUQ0UzJBQklucThBU0lCTnlaNUFlUUJBQ1lCQVNxQkxvSENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAAxVRkJZERwBAQRBVzZMAABhNkwAAHcBJBEBGEFYZ0JnQUgRDwV8AGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAEHFBSUFzOhQAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLhUCAfQ2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC3wAQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQANhzZ1FKQ1Bma0VoQ2c2SW9Oc2dRS0NOWDZpdzRRb09pS0Rib0VId2lGQkJHYW1abVptWm5KUHhroesJARxDRGk4YWdOSQU0MDY2QkJrSWtBb1JtcG0FLgxxVDhaCSkFARxnOS1RU3dRUQUNHEFBRFFQOGtFDQ0BEBRZQkFEeEIBCw0BeGlBVy1KWmdGN00tY2dRR3BCY1l6YU9pZjRPd19zUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmF3SDhBWFpxNUVJLUFXTXFSdUNCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJnQQlbLEFCQXFBWUVzZ1lrQxFkDEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWl4SU5HUTrhByxJdTBsZ0VnQUNnQU0VNVRCQU9nbEdVa0V4T2pRM09UaEE0UzFKAXEBAQw4RDlSAQgJAQBCPWkEQmgJFBRBQTBEOXARDAxBQUJ4HQwMNEFJazVs8Nc4RDgu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9_qxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMNS4xODcuMjEuMTA0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANIEDTgyNyNGUkExOjQ3OTjaBAIIAeAEAfAEn6PQogGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDmjYBQHgBQHwBSf6BQQIABAAkAYAmAYAuAYAwQYBHzAAAPA_0Ab_AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHpNYF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=c31bb399e163e8a183441c56529a553a60e3f29a
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f634a148-3092-4949-b1c7-17a7fb530ae3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D1B8
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 16:00:37 GMT
vevent
fra1-ib.adnxs.com/ Frame 1BDC
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKrFugrCwAAAwDWAAUBCKXviJEGENf08NKFspKqfRgAKjYJVMGopE5Agz8RH94xRGf8ez8ZAAAAgML14D8hHw0SBClVDSTwfTEAAABA4XqEPzC6yIgLOJhQQLsGSAJQn6PQogFYi7SWAWAAaPbFsgF4pNYFgAEBigEDVVNEkgEDRVVSmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKApUBdWYoJ2EnLCA0NDc2MjgsIDE2NDY0MDk2MzcpOwEcMGknLCA1MDU3MTYyLCA-HQAsZycsIDE3MDYxMzM3Rh4AMHMnLCAyNzEwMDE1ODBGHwAwcicsIDM0MTA1Mzg1NTYfAPC8kgLdDyFTSmR5Y3dqMjI5OFlFSi1qMEtJQkdBQWdpN1NXQVRBQk9BQkFBRWk3QmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZHpacU41SFBvTV93UUhjMmFqZVJ6NkRQOGtCQUFBQVlFOFI3al9aQVFBQUFBQUFBUEFfNEFHSzFiUUM5UUVBQUFCQW1BSUFvQUlBdFFJQUFBQUF2UUlBASzwfXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DTHFqang4UUFoZ0NMUUFBZ0QtaUF3NEl1cU9QSHhBSUdBSXRBQUNBUDZJREV3aWRsczBmRUFvWUFTMTdpbkFfTWdOMWJtdWlBdzRJdXFPUEh4QUxHQQ002DdvRENVWlNRVEU2TkRjNU9PQUQ0UzJBQklucThBU0lCTnlaNUFlUUJBQ1lCQVNxQkxvSENQX18VAgh3RVEVDBRfX19BUmoBBw0BDDhCSVANCwEBCHdFbwEHEQEIQVREEQsUX19fOEJPMiwABEZBARYRAQRBVTZYAAxVRkJZERwBAQRBVzZMAABhNkwAAHcBJBEBGEFYZ0JnQUgRDwV8AGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAEHFBSUFzOhQAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLhUCAfQ2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC3wAQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQANhzZ1FKQ1Bma0VoQ2c2SW9Oc2dRS0NOWDZpdzRRb09pS0Rib0VId2lGQkJHYW1abVptWm5KUHhroesJARxDRGk4YWdOSQU0MDY2QkJrSWtBb1JtcG0FLgxxVDhaCSkFARxnOS1RU3dRUQUNHEFBRFFQOGtFDQ0BEBRZQkFEeEIBCw0BeGlBVy1KWmdGN00tY2dRR3BCY1l6YU9pZjRPd19zUVUNJhRBQUFNRUYBBwkBCERKQhFjDFBBXzAuKAAETmsVKLg4RF9nQmF3SDhBWFpxNUVJLUFXTXFSdUNCZ05WVTBTSUJnQ1FCZ0dZQmdDaEJnQQlbLEFCQXFBWUVzZ1lrQxFkDEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWl4SU5HUTrhByxJdTBsZ0VnQUNnQU0VNVRCQU9nbEdVa0V4T2pRM09UaEE0UzFKAXEBAQw4RDlSAQgJAQBCPWkEQmgJFBRBQTBEOXARDAxBQUJ4HQwMNEFJazVs8Nc4RDgu2AIA4AKbhU7qAhdodHRwczovL3BpeGVsZHJhaW4uY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9_qxQHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMNS4xODcuMjEuMTA0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANIEDTgyNyNGUkExOjQ3OTjaBAIIAeAEAfAEn6PQogGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDmjYBQHgBQHwBSf6BQQIABAAkAYAmAYAuAYAwQYBHzAAAPA_0Ab_AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ogpAAMgHpNYF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB6q5EYoIAhAA&s=c31bb399e163e8a183441c56529a553a60e3f29a&type=nv&nvt=5&jm=1003&sid=4256399921654975664&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:37 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d5373f75-2e03-4bff-a8d5-8925b0f62518
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022022801.js
securepubads.g.doubleclick.net/gpt/ Frame 1BDC
365 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=1281320897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 14:53:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124783
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 09:34:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Mar 2023 14:53:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 717C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Mar 2022 15:23:34 GMT
expires
Sat, 04 Mar 2023 15:23:34 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2223
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8730
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa9cdb3a5422c003e2074189258eb79991d7cbaff8606c9e25bebec2e78f6ee8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dT9MCpcDnKDe8np4PzvIhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 04 Mar 2022 16:00:37 GMT
date
Fri, 04 Mar 2022 16:00:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-dT9MCpcDnKDe8np4PzvIhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 717C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
154076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 21:12:41 GMT
integrator.js
adservice.google.de/adsid/ Frame 1BDC
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kloperd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1BDC
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kloperd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BDC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sra_setclickurl&pvsid=2242916252465175&lenfreqs=425%3A1&vrg=2022022801&nw_id=8951970&nslots=1&eid=31065294%2C31065501%2C31065503%2C31060545%2C31065456%2C44758226&pub_url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352
Requested by
Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1BDC
0
512 B
Other
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2242916252465175&correlator=1915197707210436&wbsu=934215a9-4e2e-48e3-9ac4-3b2466e7e283&callback=googletag.wbn1&eid=31065294%2C31065501%2C31065503%2C31060545%2C31065456%2C44758226&output=wbn&gdfp_req=1&vrg=2022022801&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=8951970%2Cdatapoint%2Cdell_corporation_limited_uk_oli_344512_AdDaptive&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVMGopE5Agz8f3jFEZ_x7PwAAAIDC9eA_H94xRGf8ez9VwaikTkCDP1c6XFqQSVR9oA-aAMH_LhilNyJiAAAAADokYgEYKAAAOwMAAAIAAACfEVQUC5olAAAAAABVU0QARVVSAKAAWAL2ogAAAAABAQUCAAAAANgA5iF0DAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ixINGQj2298YEJ-j0KIBGIu0lgEgACgAMQAAAAAAAABAOglGUkExOjQ3OThA4S1JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODI3I0ZSQTE6NDc5OA%3D%3D%2Fbn%3D92964%2Fclickenc%3D&prev_scp=%2525CUSTOM_TARGETING_KEY_1%2525%3D%2525CUSTOM_TARGETING_VALUE_1%2525&cdm=kloperd.com&abxe=1&dt=1646409637760&lmt=1646409637&dlt=1646409636479&idt=1257&ea=0&biw=-12245933&bih=-12245933&isw=160&ish=600&oid=2&adxs=0&adys=0&ucis=vewjqph763a0&adks=2906322180&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352&top=https%3A%2F%2Fpixeldrain.com%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=160x600&msz=160x0&ga_vid=1054820817.1646409638&ga_sid=1646409638&ga_hid=284137610&ga_fc=false&fws=256&ohw=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
480
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
application/webbundle
access-control-allow-origin
https://kloperd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:934215a9-4e2e-48e3-9ac4-3b2466e7e283
/ Frame 1BDC
519 B
645 B
Script
General
Full URL
urn:uuid:934215a9-4e2e-48e3-9ac4-3b2466e7e283
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ae4604450a755070b3d40a743cd5bb47986f3ab8fed8350a863414890c4356
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 8730
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022801&jk=2618855297821412&rc=
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 1BDC
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90a7ec481315375fc86fa889b621750050be92bce411c715b5d7fcf3d503d547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10496
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 717C
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?p4Ye_w
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1BDC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 16:00:37 GMT
/
reporting.powerad.ai/
2 B
271 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pixeldrain.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A67
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Mar 2022 15:23:34 GMT
expires
Sat, 04 Mar 2023 15:23:34 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2223
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 58B3
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24555477de3dba61eea435d276912206a1e614959e0d1a5b226bac2c495daea8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1wLAng6Q4rfqTswtyK4aow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 04 Mar 2022 16:00:37 GMT
date
Fri, 04 Mar 2022 16:00:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-1wLAng6Q4rfqTswtyK4aow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 4A67
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
154077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 21:12:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58B3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022801&jk=2242916252465175&rc=
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 8845
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022801&jk=384220114077430&bg=!xsWlxYHNAAb7UztL-1M7ACkAdvg8WhC9rgrie982E-NXeKfs6Bz8zg8akq-0XgojIXMGGhr2gDtusAIAAAC3UgAAAAloAQcKACh30J99Vf3iKdEKaj3KQKX3AgW2tGIkhY3lCM3Bm3_eQDHqRU4bWKE4mQLJjnWNak6ZeAOXBq6BUXoKcgi-JGBwLJfFFcKnv-UmpLj6VWWU_UXyGMWZkjqJljiG2-gVzCr0RJHy6HFUv3XKYJOhg-M0NHfz9ccSf_dUTZeQq4xYjbg_PiXLaasjaArkhzKx5TD5Y9zc83HNv8vGNRYreWk8QF0FXQwCpORBBVS9c8ZTHR8arw5q0zzjR0zspb-C-a7KZ7U-CohtiQebxbhxWgdZCkCWvq97k-fmoWRMRLZmI20vTcajSbc5diDDwy1SIR0sfAqu1aR2Qu5vQOdXhr5cSSW8QiA9grI7YEkItGGR9F1nS9ssA9Ol-vxlNfeMdQaBGV_SAceLq8N5J4hYGkjBBWL2sE0XmCpW47SOeUoVlv1FcxngYQKVn4mX0dG8r-eVo-zOJEFbSw3icPrNF2haHLdXzg-Q2D_LrIbscEWfNFKEH19_v9W823g5a5KL0oPNP2DnZYWUAZqCxP5VTxnPlDI44PuDxJdEGtxZu1weNhPAlDcidhWkssFaRI30fxQFBUj5neppT8yLEvDfnuoRdSESP6HexhOdBeBsycyLDE9Ix2s75qGLetcrl-Q7zXBEvsyL4pdd2q2Qg-RW-5ssbVm-okjLqaqEqzPznQ_CYa0od8qBn7oV3-_hSbB75J0SyqA8ZCyzwnymFzx2cs28rFs_6YWffsIKDzvK5tBQPqGSWcvhOd47bmfuH-JY4bM3u5YoF0vemLZ65KTLCHHaanVCq4LS3hahv-pS744Xe1e77Yqwl-yX8J39AKptxHs1k9Fd7hbRU9Mkfaw8TwUE55NtubW-Al-1KNIzUq0_8-EMxKisOAgDN7l1D2HHf0fLRc_igpswAHrkBCGm9vMh6cWE3lpTNlYvEYKamXvJetXmINno1JKq6BMTp5Bb9LILiYNmz3MWXmfqBNrN1eoC79-mqQshQ0GH3KnPbD4MpI8bppg
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4A67
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?JQt2oQ
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame BFFF
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CX11ipDciYvjIKaG6lQfS4JLYCevR6qZo4Z7fhZQP0630_QgQASDW5sVYYPkFoAGJlvXvA8gBCeACAKgDAaoE6AFP0MVJHD9zaQODIelLdNPJp0CoBmUwnvgvd2IJuyvV3LMHKYld1lQUD6IW_ZBDAfPBu5tJ4x0w4IIEzKKHjRDT1sejXoHioprcXmE1e8E0EXadWBUdD-iu0u0LMJOaCsquuyg2czgGKIzJx1HtlTng1Feu2bPj3jZ74tNsEvhEk36kJAF9qi1QS_u3rp0DjHYG89AA7lKAI3lFSBEPrSLo3u0soYZoMckJs2lT_LTOuUTnjb3CWk_gSS5aUJ3hPeUbRm4_uAvNpZrWQwTzTI_09F_0PS_qa_ievDzUiC5DNVV_sc5ssPxuwASkjqOLkATgBAGgBi6AB9_pihCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDb8AHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05NTA4NjI5OTY2MDk3NzkzgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIxMjg3NTcxNjc4MTI2NjMY3O1q&sigh=6JsxgOMI9PU&vt=1&template_id=484&uach_m=[]
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame BFFF
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBxr305EgiqJNAYlep1WSPLdvAsICYs8Cm_B7E4A8zG7HqGcJ9hC9GzK1AD-dtUzewYox5EG1JcQbnJPKwD9R3H7JqzjmDTrU0N4-UhxbD0-0xeuM&sai=AMfl-YSRUrmGVCF_g-tZo9oa_ngj1DN_p1TaYyyD8NfzNJnIDhKdLQ23Dm7YOEscQkvNpeRGoQcaVat4_epPxQAB3xeYjOwaf4-a1w0lddIpoTkxizXhjwLin7i0yrB2&sig=Cg0ArKJSzJuZ10uapZIYEAE&cid=CAASFeRoFC1FTWJ8R8rwqebVLQkkSEyeGg&id=ampim&o=1440,157&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=315&tls=1315&g=100&h=100&tt=1315&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pixeldrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6CCB
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGELSQ45-Hj43YeBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiz2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7PYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=6d93adc1e2302811864859fe9caf67696272c26e&type=pv&jm=1003&px=0&py=0&bw=160&bh=600&sf=1&sid=4256399921654975664&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:38 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
36b06ee7-8460-418f-883a-5489525679a5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9D6B
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGENmAwfjYhd-ncBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXil2QWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSVnNaRWdpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTBORFRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUtxa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJCUUpadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1NDQ02gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB6XZBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=28982ffe92954f16bb6a457668d29b6d31613675&type=pv&jm=1003&px=0&py=0&bw=160&bh=600&sf=0.76&sid=4256399921654975664&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=nv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:38 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
26853bb4-b218-44f3-95cb-d492c25088c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 2A42
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEL2z8cHs--CucBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXj4yASAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFFRnMtOUFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNOekRnQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXS0xha0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITJoU2Vadzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Nzcw2gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB_jIBNIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=83b7f119363596ce3f3d4df642ddfac376055f77&type=pv&jm=1003&px=0&py=0&bw=160&bh=600&sf=1&sid=4256399921654975664&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:38 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
055605c7-7967-47be-95d1-2df64b94b03d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022801&jk=2618855297821412&bg=!ICOlI2fNAAb7UztL-1M7ACkAdvg8WtHR41mxtpnH-zEzMESohpCJ1VzDGJpzjTvlOGOSwOBMvwcKyQIAAABbUgAAAAJoAQcKAI9my9Y9Mh_5fQPyqhvUYou7R3PsBgSAB061x-3AzLKnPPJ8NdlQSpccb3kWXYl1sqtpon_NFVDODjRcJe6j83e4nOOOvkhOEG8wRMSxZN-LuiGfShIPuRoZxrR5TTO0LDHOHukypSAIMQ3T3zASUdQ8gNymCwYi-QnCuwcwJ8h36oGJ5foSQnrvolpa6dE7r5kCvU58DY5TteKoNigC3gtxoMU2gr-XbzbEolIaPOPhFhap4ZvSOkvW5WHXXTlU94RleoZfYnjPhX7BISPDqPVHGYZ81RGNb8IwEvXbHIu4NDBWFpfZ0Gs7YOmvepxRkdOjfjKscFd3g5jmMBGeylSJEyaiVU9-hqzj483OqjtqYj7W1Y0GcFkNe1pZ4KzPU59-F4H9098WgAR6lxqwRD7E1m6gxdj2F2_3Gets7IN1NMJVNa63TmfxV6ZY4GJpX9KZLqlhXGLv04b-mmkEwWtt5yaHXZOCbYfrRMael2kU18LCvPZUuOSR7wJz0kjD-2THVWwyZNvHRaaxtOgF4EMNX5Zxo7y0_xKkwTi5djRqvqpaY3L1VxOdiA4aIPwQY7aff7fRNhfC5STfkpqqNQzKxUuv3GwW68-2kjkTdgocnr22A-jbfQi_AdbR9nRpWmATbZ08PJTwGBoptrNNvHhcUgV6xRU-rmddYRcD28-C1wVCY8nRf0I0HwlxtLeVH3ggpoLhlGihIvLkEPkLH134HCm9vRz2NzV2whCygQvvC7JDvglWr1y1lCdvlMkPHTxbcWG1ttSKmYD3FFN9f3zQRBD_9wt65csWlldVZ7sSYzN_qA60vHqkjEl4KVxedCK5s0WCLAld6kREsJ4vcz7YW8ShdTdPuMtKB7ig-PnRH51GO1iBdPoProWuh4dRt9ezF80MLEfS8uxLmPFeZlrQg4BfLGcoHs3nkZwVyBScx9XW-KQYB8FiBvyavO3fU895sNxdSvPLKe9NgkH5ZPPYfrj5_PkPHT5LXT4Z6hezwzh6hsZtu3kWw8EQPTeN_WhGmj2sYU_Hejl9yw-Ju43DdFy-aoDTACa-RkP08YENb948doJXQEp9a8G3DoPE7Hlpl87pUxJn0-dGfqrtraLxEaKlffZ8dvoJxrHeu0Ot
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 836F
0
831 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpixeldrain.com%2F&e=wqT_3QKLCugLBQAAAwDWAAUBCKTviJEGEPaH3LPFmdXbVRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAgML14D8hRw0SACkRJPCVMQAAAEDheoQ_MLrIiAs4mFBApgZIAlCL5cGTAViLtJYBYABo9sWyAXiy2AWAAQGKAQNVU0SSAQNFVVKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NjQwOTYzNik7dWYoJ2knLCA1NjY0MTIsIDE2NDY0MDk2ERwwcicsIDMwOTM1OTI0MzYfAPCQkgL5AyFSMXRfRlFpX2xwVVJFSXZsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxDNnlJZ0xXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTJPRG5nQS1FdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXNUxLa0Z4ak5vNkpfZzdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITR4UVRhZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBNFMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfD1LtgCAOACm4VO6gIXaHR0cHM6Ly9waXhlbGRyYWluLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APf6sUB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDUuMTg3LjIxLjEwNKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADSBA04MDYjRlJBMTo1Njg52gQCCAHgBAHwBIvlwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBvgB2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOKIKQADIB7LYBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=fc1946d85db9c19fb59e8768359458687039f9b1&type=pv&jm=1003&px=0&py=0&bw=160&bh=600&sf=1&sid=4256399921654975664&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23209018&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:38 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9b7de936-0a9b-4fba-9af1-8fa413d8d2c2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kloperd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame AAB2
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BDC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022801&jk=2242916252465175&bg=!m5ilmNzNAAb7UztL-1M7ACkAdvg8Wv9mOMDfSDkrVQtU4rH4pRR3GFpL_SEELspDFyj3sclSPLkuygIAAABUUgAAAANoAQcKADCSbpdNyUkhK07U3UhJ463g07JZ5R_ueb1IJ9GpBtrDC_dSsts-f1ry-kXM60WBQG-ZAr1GcaxBBJBBGVeUuYfoflCnHMjUWZQSB3MX4N0yF1qNYuLDwMlOiY-56UvJ3d3iT-Y6DyuFY_gscQosfv9ebEwXsJRSVIg50hZkv9CZJpM1t8nNHJx-NotQxKw6qmT6rhTU0WIosi5E4ziBOJnKuy9K8vyasTs2Bx0fY2MCKcuDREtnSwc0OoHHwLhfR4Gv5XBTV5ROggkzQz3SEIlrtj9sEUMYRQHtYE-5gJaS_vnTAuJn1f1p2_urGTKs-7eriwWnBRSKKcZ3xax3tF7JcmI15NhfFnM6SxubLdRvNbMsVR1Fj9zsTN0J9oibQuL37Cmh37T_byvwrmpK8RUmNfUG38ciusfluI4CKd5nm3AFd_6dq8PDaEDGrBRUzVMmw9DsX_myuTv2IQJr0vfhRI9n5lng5PpAOeLQCuzjm4tSIRSgDAMFtF9jaf2h0ey7fF2OZUhShWaHpvwCdMarXxUlgUHwjKdskeP71zog18WAJFClCU7DFQ_xALS94b8_RhTaJsV85jpk89n3POG39voOLfyR57CWVlLRVIkfUkDeicGHdsQE3fI78XoHGcwalJMpxYLraCZBCBeVEFx1jBKQSnOyTYH8T41Aa-kYMoj2BV0xFfLJ0nu7kfY0YIFuvOx3ZTO0hLJM9I70N4i60YKiUfhfr0rB832-2uPMbM9uvI6Bl0Z1oOV1tbji-GtHsLtM4SthHjXux2NSImwc9pGwORgxqxWFLNorr1vUFA4P-hB1mu4Pjy_YGYQWwZOybpe01Kyc3SjdnuzPr5xWpcTuyikP3_MGICtylYxKQRcdG23AlSv8Bu-G_Dnlc2FTLRUlhLQ4PE8K6aobLB2WjJvRWLepJgdIjB4ZgbZlPQXxpxR4I6b7QgVOwMSZZsFRot5rf5HCEWnlegnO4FnNSZ6Nva6qWKc5SiznoZpKeQ
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0AC0
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 99B9
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 841C
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame 2434
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2213
date
Fri, 04 Mar 2022 16:00:37 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0AC0
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9236
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame 8E75
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2532
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame AAB2
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame 0356
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2432
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 99B9
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame 08E7
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1768
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 841C
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C5EF
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2C94
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame F500
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1822
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9236
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame C3AB
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
5828
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C5EF
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C2EA
97 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
syncframe
gum.criteo.com/ Frame 8B8F
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3852
date
Fri, 04 Mar 2022 16:00:38 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2C94
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:00:38 GMT
sid
mug.criteo.com/ Frame 08E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=jS5WNnxWUlRqcXRabnNKMVFGTDYrK1RBWWhwV1pRZDBuZnFBY0VwZ1dQZlgzd0RyVHFLekVucUFEYy9EYXpmWURtcnZpKys0dlI0YUloVkVScWM0OVYrNlB3VDdzMkpsWndZNlNnNlhJTm13YW5sZmFrTmZHcGUyQy85Zz...
444 B
637 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jS5WNnxWUlRqcXRabnNKMVFGTDYrK1RBWWhwV1pRZDBuZnFBY0VwZ1dQZlgzd0RyVHFLekVucUFEYy9EYXpmWURtcnZpKys0dlI0YUloVkVScWM0OVYrNlB3VDdzMkpsWndZNlNnNlhJTm13YW5sZmFrTmZHcGUyQy85ZzRydVorT2dTZEVDa1pGcDVwRmhMUlhkSlpDdFlBc083ZnBBbllRbk5vUnk5OUMvQjM3RkNUUEltL0lsbFQ2eWZUK3NKV0dKdU5XS0dWUG1iMUZDZVdabTROVDRmcER5a0pTekV3RDk2VndvQzJ3UnM5YWxkc09MVHp2RDFDcW1ZczFWZjcrQlVHZXBrQkJ0SHR2YS9ZdlZrVWxWZXdyZz09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7702fe0bce275f1f28c6ed2d19d13e5211842dd015eb0c86515cd77ac2263c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4602
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=jS5WNnxWUlRqcXRabnNKMVFGTDYrK1RBWWhwV1pRZDBuZnFBY0VwZ1dQZlgzd0RyVHFLekVucUFEYy9EYXpmWURtcnZpKys0dlI0YUloVkVScWM0OVYrNlB3VDdzMkpsWndZNlNnNlhJTm13YW5sZmFrTmZHcGUyQy85ZzRydVorT2dTZEVDa1pGcDVwRmhMUlhkSlpDdFlBc083ZnBBbllRbk5vUnk5OUMvQjM3RkNUUEltL0lsbFQ2eWZUK3NKV0dKdU5XS0dWUG1iMUZDZVdabTROVDRmcER5a0pTekV3RDk2VndvQzJ3UnM5YWxkc09MVHp2RDFDcW1ZczFWZjcrQlVHZXBrQkJ0SHR2YS9ZdlZrVWxWZXdyZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1686
content-length
541
expires
0
sid
mug.criteo.com/ Frame 2434
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=m5qfUnwvOEJoOVZJNUJQTWlrR25mcnVNdVJTOFZreklhc0tFTUtmV0tNZXA3Z1FYRWR4N3VTTU95Smo0YlRlMEI0Nk9HZnpKMFBiN1BYMmh2elhLUURQSE9VRS9zbTh4WmgvQmx3bHltTTV0MjY4Qk4rK1ROcEFjNUhKSG...
436 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=m5qfUnwvOEJoOVZJNUJQTWlrR25mcnVNdVJTOFZreklhc0tFTUtmV0tNZXA3Z1FYRWR4N3VTTU95Smo0YlRlMEI0Nk9HZnpKMFBiN1BYMmh2elhLUURQSE9VRS9zbTh4WmgvQmx3bHltTTV0MjY4Qk4rK1ROcEFjNUhKSGhXQ1kwaTZuQXo0cndqQUt4a3NmQWl1UDNkZTBPSGhHVERjWlNYV1J4cFlVdU5EVzhwTlVzbHU5Y0l6V3NCeWVpU3FwTlBFa1M2V3pnMmh0Q3BubHRlcWhFR1FJZDdpMjVFU3MyQkNoZzBrNWp3c0lPU3dQKzQvSUpSMERLSUlMT1NaN0EwM2t6aXRNY0MzR0VCWUtGVC9jbWZmSld2cHhJakFVU1FoMHpScXRnZUtRMW9scz18&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fd70eefec40d2ba59369f8424c120b4dcf21a3d96872d36ca3fcce3f9f6dcdf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3222
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=m5qfUnwvOEJoOVZJNUJQTWlrR25mcnVNdVJTOFZreklhc0tFTUtmV0tNZXA3Z1FYRWR4N3VTTU95Smo0YlRlMEI0Nk9HZnpKMFBiN1BYMmh2elhLUURQSE9VRS9zbTh4WmgvQmx3bHltTTV0MjY4Qk4rK1ROcEFjNUhKSGhXQ1kwaTZuQXo0cndqQUt4a3NmQWl1UDNkZTBPSGhHVERjWlNYV1J4cFlVdU5EVzhwTlVzbHU5Y0l6V3NCeWVpU3FwTlBFa1M2V3pnMmh0Q3BubHRlcWhFR1FJZDdpMjVFU3MyQkNoZzBrNWp3c0lPU3dQKzQvSUpSMERLSUlMT1NaN0EwM2t6aXRNY0MzR0VCWUtGVC9jbWZmSld2cHhJakFVU1FoMHpScXRnZUtRMW9scz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1932
content-length
567
expires
0
sid
mug.criteo.com/ Frame F500
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=fXc70HxGMlVOZDEvc2k3cE5SVHZiV2EzWnRIM21wQ0x0dk9MYzdZMnZMUHJJNEFqL3liZEVFWk10NTBJYzV5WHp2L2U5TXVCNlA0ejlBb2NkWGI1Wmd2cXNINWdRdU5laGYrb2ZIbTdnN0R0OVdPTHE4Z2JyYmxzd0VxWn...
436 B
635 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=fXc70HxGMlVOZDEvc2k3cE5SVHZiV2EzWnRIM21wQ0x0dk9MYzdZMnZMUHJJNEFqL3liZEVFWk10NTBJYzV5WHp2L2U5TXVCNlA0ejlBb2NkWGI1Wmd2cXNINWdRdU5laGYrb2ZIbTdnN0R0OVdPTHE4Z2JyYmxzd0VxWnMxWFJFU0srenJJT3ZiNWVXb2xBRmROOXhzN1dKeGdCNmFzckVzcndSSHJNbVMzYTNZNlRza250Ri9FQmVPOWRMZ1FjK2xhcHJiQ2xzMzlzVHczMFlnM2I0eTJsd2Rud0xTQnUwSkNwcW9TYXJ6cnhTeGNNSVVwNUNHTVBCMUFPaDdpZElGcDZLOE5ZRXBqS0QrUUhUWCtUdnpqaEp1RHYyZzB0MExNWjBGQi93aGJtWU96VT18&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2ab0338f45e291243eee46195548382c8398d037f5c9380a581dfe1ea2bdec29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3934
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=fXc70HxGMlVOZDEvc2k3cE5SVHZiV2EzWnRIM21wQ0x0dk9MYzdZMnZMUHJJNEFqL3liZEVFWk10NTBJYzV5WHp2L2U5TXVCNlA0ejlBb2NkWGI1Wmd2cXNINWdRdU5laGYrb2ZIbTdnN0R0OVdPTHE4Z2JyYmxzd0VxWnMxWFJFU0srenJJT3ZiNWVXb2xBRmROOXhzN1dKeGdCNmFzckVzcndSSHJNbVMzYTNZNlRza250Ri9FQmVPOWRMZ1FjK2xhcHJiQ2xzMzlzVHczMFlnM2I0eTJsd2Rud0xTQnUwSkNwcW9TYXJ6cnhTeGNNSVVwNUNHTVBCMUFPaDdpZElGcDZLOE5ZRXBqS0QrUUhUWCtUdnpqaEp1RHYyZzB0MExNWjBGQi93aGJtWU96VT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2096
content-length
567
expires
0
sid
mug.criteo.com/ Frame 0356
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=XpAzSHx5RGhGQ3R4WFg0R2NhVW1mSW01djYrcWZ3TkVCSmRjS1BQYnlIMXkwTEg4elhRTUVwbFAwOThaMFg3dm1wNit6TC8zOU84K2w3cXczaXloQVJJaWVXcWZmVThYN01SeVE4c1l1STJ5ekRxTTV1U0huZDZtbXVMd0...
420 B
630 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=XpAzSHx5RGhGQ3R4WFg0R2NhVW1mSW01djYrcWZ3TkVCSmRjS1BQYnlIMXkwTEg4elhRTUVwbFAwOThaMFg3dm1wNit6TC8zOU84K2w3cXczaXloQVJJaWVXcWZmVThYN01SeVE4c1l1STJ5ekRxTTV1U0huZDZtbXVMd0dqaElKREtFdGVpQm81bDVjU3hNdjAwZ09aRTJUaUpwaGtSaXRmV2hXL2o1S3B3M3NRTkZMZjBQWTJsL2NLV1lZTzM5R3p3VERLRFluYUpZRSs2VnBkVkFOZU1ValVEVGtmZ0htRmUyblEvL1RBSFVudVd4S0xzaXF3amY5cVZHaVlFbFROR1VSMkdCUE9Ec3RzbXlQV1l3ODc0ck9Udz09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3dcc1250069aac175b4443011f6adb2d1b2e9e0f89cf5b00765d1360d1f953c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4127
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=XpAzSHx5RGhGQ3R4WFg0R2NhVW1mSW01djYrcWZ3TkVCSmRjS1BQYnlIMXkwTEg4elhRTUVwbFAwOThaMFg3dm1wNit6TC8zOU84K2w3cXczaXloQVJJaWVXcWZmVThYN01SeVE4c1l1STJ5ekRxTTV1U0huZDZtbXVMd0dqaElKREtFdGVpQm81bDVjU3hNdjAwZ09aRTJUaUpwaGtSaXRmV2hXL2o1S3B3M3NRTkZMZjBQWTJsL2NLV1lZTzM5R3p3VERLRFluYUpZRSs2VnBkVkFOZU1ValVEVGtmZ0htRmUyblEvL1RBSFVudVd4S0xzaXF3amY5cVZHaVlFbFROR1VSMkdCUE9Ec3RzbXlQV1l3ODc0ck9Udz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1768
content-length
541
expires
0
sid
mug.criteo.com/ Frame 8E75
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=9Zf0lHw3djUzYkNHV3lFTkliNExERFR0bnhUZDM2VndaVGlyTEFXT2VJQVdJZy9rTkcwbXA0WGtaN3Z6T0s2b2trYXNQYUQvbGpUbnZ5cmRrTXA1Zi9KK3BkM3hFRWxrblVTazg3dnErK1hnRWlhTWlqV25nZU5HWURHbH...
433 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9Zf0lHw3djUzYkNHV3lFTkliNExERFR0bnhUZDM2VndaVGlyTEFXT2VJQVdJZy9rTkcwbXA0WGtaN3Z6T0s2b2trYXNQYUQvbGpUbnZ5cmRrTXA1Zi9KK3BkM3hFRWxrblVTazg3dnErK1hnRWlhTWlqV25nZU5HWURHbHMxdERXWkVuY3BuZ2FQWkl5ZkxIM3NiK3lrOWFOTXE5dHNnTjFLZ1FhYXBMdE8rWkdMY2lmemprOTdRUTBuWldFV25KZDk5QXZmWnRaT2FSL0VwbVFETiszaEpYZXEwY3BMM0xrQnVXcnlIczdhbWIycTA2dktzUjU0a3RaZE9pZ0dYK3pnalJiakhnMjFFTVhvL245WW9XbkwvTW5JZz09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
675e303a5d224a9befa37374aaa7cfd2c0a905450e87d0b94a96a330b9836e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3795
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=9Zf0lHw3djUzYkNHV3lFTkliNExERFR0bnhUZDM2VndaVGlyTEFXT2VJQVdJZy9rTkcwbXA0WGtaN3Z6T0s2b2trYXNQYUQvbGpUbnZ5cmRrTXA1Zi9KK3BkM3hFRWxrblVTazg3dnErK1hnRWlhTWlqV25nZU5HWURHbHMxdERXWkVuY3BuZ2FQWkl5ZkxIM3NiK3lrOWFOTXE5dHNnTjFLZ1FhYXBMdE8rWkdMY2lmemprOTdRUTBuWldFV25KZDk5QXZmWnRaT2FSL0VwbVFETiszaEpYZXEwY3BMM0xrQnVXcnlIczdhbWIycTA2dktzUjU0a3RaZE9pZ0dYK3pnalJiakhnMjFFTVhvL245WW9XbkwvTW5JZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1651
content-length
541
expires
0
sid
mug.criteo.com/ Frame C3AB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=DC7cpXxHSk1OQ09BQzJoanA2ZUlKVFRmWkdJQjZKVVBuSFlYWmIyRlVHYmZITlREc3FWbjlkd3VVOWdkbHdXT3pON1NHTjJ3UFV2ZWZlbnZEVWlRT2VLZlBGV3RrWHU4d09xOFlFem9FWGJFTnVBVEZSMmFteHRDM1pvMX...
439 B
637 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=DC7cpXxHSk1OQ09BQzJoanA2ZUlKVFRmWkdJQjZKVVBuSFlYWmIyRlVHYmZITlREc3FWbjlkd3VVOWdkbHdXT3pON1NHTjJ3UFV2ZWZlbnZEVWlRT2VLZlBGV3RrWHU4d09xOFlFem9FWGJFTnVBVEZSMmFteHRDM1pvMXlzS25nanVabUdIR3g3bEFmWUQ3ZG9ZNTBKdWVvSHY2Nm45QjJpblZxUmZJd1FrMVBrODlpOC9qM01obmgvYUlpV2tha0xuNkpJZGtsMkJlSEx4blpDelI5cS9kME1yMWdQbkd2N2dzN3RJQUZWMSt0VktSNHF1TmtKc1psaVlDdkpjZlM3R2xEYVdibFBWdXd0SlRCZURxb0lkNkpZZz09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d4c04959c98244dc32c651e65f9af740b4635f91212e944159f461fc621298d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3278
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=DC7cpXxHSk1OQ09BQzJoanA2ZUlKVFRmWkdJQjZKVVBuSFlYWmIyRlVHYmZITlREc3FWbjlkd3VVOWdkbHdXT3pON1NHTjJ3UFV2ZWZlbnZEVWlRT2VLZlBGV3RrWHU4d09xOFlFem9FWGJFTnVBVEZSMmFteHRDM1pvMXlzS25nanVabUdIR3g3bEFmWUQ3ZG9ZNTBKdWVvSHY2Nm45QjJpblZxUmZJd1FrMVBrODlpOC9qM01obmgvYUlpV2tha0xuNkpJZGtsMkJlSEx4blpDelI5cS9kME1yMWdQbkd2N2dzN3RJQUZWMSt0VktSNHF1TmtKc1psaVlDdkpjZlM3R2xEYVdibFBWdXd0SlRCZURxb0lkNkpZZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1845
content-length
541
expires
0
sid
mug.criteo.com/ Frame 8B8F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=UWSgenxRRzdPcEdwblR5OHFEb2NyK1laa3lScHJGNHpZazRNZ05FODZvQWpjOVVUNzQ1Qk5IV3pJbnloQlRFTnZmU0U0TDZhWjNhUjBTbVFaNGtIeEVlRGZYdWV0Y2NDOXRFa0pzSGN5NVJKVUxyTGh4eGxjdy9rbjA2Zk...
417 B
629 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=UWSgenxRRzdPcEdwblR5OHFEb2NyK1laa3lScHJGNHpZazRNZ05FODZvQWpjOVVUNzQ1Qk5IV3pJbnloQlRFTnZmU0U0TDZhWjNhUjBTbVFaNGtIeEVlRGZYdWV0Y2NDOXRFa0pzSGN5NVJKVUxyTGh4eGxjdy9rbjA2ZkxPRE5sVWN5S0hnT3labEw0RFlFTmRtYUoyMkQ3dW1kaWJvREtzTytlaVBuTUo3d056eVI2ZEpYbDgyaEs2eEJxZmphUy9TTWxzS3ZWWW5JODN1M1dsNGRoRjRrbFZ5R0xxbEErSURNSTVOYzRjTzh1VmNBR05QR0ppM0tiTCtQdm50RnRTTUlWQzA5SVAvYmlFQWpuVXNJcm5RSGw5QT09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
81049704d87edb91914b8251ce3629280bcb4b66728f9c3567c8a09cb5196321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3365
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=UWSgenxRRzdPcEdwblR5OHFEb2NyK1laa3lScHJGNHpZazRNZ05FODZvQWpjOVVUNzQ1Qk5IV3pJbnloQlRFTnZmU0U0TDZhWjNhUjBTbVFaNGtIeEVlRGZYdWV0Y2NDOXRFa0pzSGN5NVJKVUxyTGh4eGxjdy9rbjA2ZkxPRE5sVWN5S0hnT3labEw0RFlFTmRtYUoyMkQ3dW1kaWJvREtzTytlaVBuTUo3d056eVI2ZEpYbDgyaEs2eEJxZmphUy9TTWxzS3ZWWW5JODN1M1dsNGRoRjRrbFZ5R0xxbEErSURNSTVOYzRjTzh1VmNBR05QR0ppM0tiTCtQdm50RnRTTUlWQzA5SVAvYmlFQWpuVXNJcm5RSGw5QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2208
content-length
541
expires
0
syncframe
gum.criteo.com/ Frame 90A7
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pixeldrain.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
4895
date
Fri, 04 Mar 2022 16:00:39 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 90A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=pixeldrain.com&lsw=1
  • https://mug.criteo.com/sid?cpp=D39CRnxMU3lFbTR5N2FCWERWcVNvOGxoZXVib2paMy8ybGtUb2w3ZXEzVXJDdGlTeUNtQ1dXSk1NYktVc0gwc2oreDNNOVk0RllBbWsvYzJjQTFXVW44Q1BlMXFaZE9waXdYM01ESzc5UndQcFVuV1VPTDBrbzdqTDRhMV...
435 B
629 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=D39CRnxMU3lFbTR5N2FCWERWcVNvOGxoZXVib2paMy8ybGtUb2w3ZXEzVXJDdGlTeUNtQ1dXSk1NYktVc0gwc2oreDNNOVk0RllBbWsvYzJjQTFXVW44Q1BlMXFaZE9waXdYM01ESzc5UndQcFVuV1VPTDBrbzdqTDRhMVZ2VG1XaXJ2SGo3cHpOcFpUME5vRncwblVWR2VzcWRVZDRLL3FRa2x5VVNSQnpyQW16bjFiTGRhREdlV2xleVBhRTRYQ0FnTHlsY01RdnhWU09ZK2VSWUNMYVVqMzdMVWZoM3ZGMGN1amwrdWZJR29TR3ZqQ1dWN2Z6V2lWbHVIQ3FXS1JPRjN3VlNqN2pvbDg1cXNMaEMwNkV6d0hJQT09fA&cppv=2
Requested by
Host: pixeldrain.com
URL: https://pixeldrain.com/u/DYhuEsXr
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5d577b2cef5dd142dafad1f81c89733373e32f9eb18125bd725360bd77995808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3683
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 16:00:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=D39CRnxMU3lFbTR5N2FCWERWcVNvOGxoZXVib2paMy8ybGtUb2w3ZXEzVXJDdGlTeUNtQ1dXSk1NYktVc0gwc2oreDNNOVk0RllBbWsvYzJjQTFXVW44Q1BlMXFaZE9waXdYM01ESzc5UndQcFVuV1VPTDBrbzdqTDRhMVZ2VG1XaXJ2SGo3cHpOcFpUME5vRncwblVWR2VzcWRVZDRLL3FRa2x5VVNSQnpyQW16bjFiTGRhREdlV2xleVBhRTRYQ0FnTHlsY01RdnhWU09ZK2VSWUNMYVVqMzdMVWZoM3ZGMGN1amwrdWZJR29TR3ZqQ1dWN2Z6V2lWbHVIQ3FXS1JPRjN3VlNqN2pvbDg1cXNMaEMwNkV6d0hJQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1813
content-length
541
expires
0
sspmatch-iframe
ads.betweendigital.com/ Frame DF35
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5D00
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34946
X-Served-By
cache-lga21950-LGA, cache-lhr7340-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 96100
X-Timer
S1646409640.189453,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 01BB
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pd
u.openx.net/w/1.0/ Frame 88DA
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame 4572
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame E353
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34945
X-Served-By
cache-lga21950-LGA, cache-lhr7337-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 95931
X-Timer
S1646409640.198031,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6AB1
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34946
X-Served-By
cache-lga21950-LGA, cache-lhr7340-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 96101
X-Timer
S1646409640.221286,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 838D
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame B08F
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
u.openx.net/w/1.0/ Frame 6BBD
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame 8E79
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6FF4
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34945
X-Served-By
cache-lga21950-LGA, cache-lhr7360-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 99424
X-Timer
S1646409640.231258,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 53F2
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame D991
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34945
X-Served-By
cache-lga21950-LGA, cache-lhr7337-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 95932
X-Timer
S1646409640.233875,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame AE2C
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 5D00
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ec22bb8-e625-4225-bbf0-3c1b059dd67f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
u.openx.net/w/1.0/ Frame A1AB
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame E90D
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D8F
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34946
X-Served-By
cache-lga21950-LGA, cache-lhr7340-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 96103
X-Timer
S1646409640.258981,VS0,VE0
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame E353
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
587ebbbb-1a15-4948-93e9-60978f6a4638
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6AB1
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd53d573-4b06-474a-9826-9cb1116e2eb7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6FF4
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
27298f23-0c1c-4d01-a85b-15fba7855bfe
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D991
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b533ea2-ee9a-487c-a280-0ae1e3c6cf80
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D8F
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3f5b1fe5-cc60-46e3-9ea9-def8f9782acf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 3388
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sspmatch-iframe
ads.betweendigital.com/ Frame 5503
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC0D
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34946
X-Served-By
cache-lga21950-LGA, cache-lhr7340-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 96105
X-Timer
S1646409640.474321,VS0,VE0
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame BC0D
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60a29eec-1754-4e19-9603-bf744dbbf5e7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame F174
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.59 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pd
u.openx.net/w/1.0/ Frame 8C0A
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
date
Fri, 04 Mar 2022 16:00:40 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame F815
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://kloperd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Mar 2022 16:00:40 GMT
Age
34946
X-Served-By
cache-lga21950-LGA, cache-lhr7340-LHR
X-Cache
HIT, HIT
X-Cache-Hits
1, 96106
X-Timer
S1646409641.585834,VS0,VE0
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame F815
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:40 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9e879cc0-83bf-4903-a840-a86b1fc426b0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5D00
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f3f73a9-ee43-4381-8012-5805e833011b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E353
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e522500-60cf-4cb0-b5a5-f194f9b6c0d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6AB1
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
682e7863-5758-4e72-a94c-0d86634c3731
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6FF4
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7ebed081-b978-43e5-a7df-c7c460c91ad0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D991
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2554106-c435-439c-bfea-74e26ac5ff7c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D8F
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b874519-edd4-45cd-8dfe-d80611518118
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BC0D
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6a605676-9e8b-499b-8af2-609c9f069a64
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F815
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 16:00:41 GMT
X-Proxy-Origin
5.187.21.104; 5.187.21.104; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
801285fa-7735-4b35-9cec-dc6679dbf7be
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| structuredClone object| oncontextlost object| oncontextrestored object| style string| api_endpoint object| viewer_data boolean| user_authenticated object| app function| plausible object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw1.1 object| pa_pbjs_fw2.0 object| dataLayer object| refCatKv object| google_tag_manager object| pa_pbjs_fw object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnoV9LtGvlSsp4V3eZeGI5exIX1myI03qV-nCtlOzcB0A-LaD_tXEAUaAfUI8Y
.pixeldrain.com/ Name: _ga
Value: GA1.2.1819317573.1646409636
.pixeldrain.com/ Name: _gid
Value: GA1.2.7588051.1646409637
.pixeldrain.com/ Name: _gat_gtag_UA_199748785_31
Value: 1
.pixeldrain.com/ Name: __gads
Value: ID=a63ec44ca2465819:T=1646409635:S=ALNI_MabUGbYiCfGb_Swek2w2JTNRwsPng
.betweendigital.com/ Name: dc
Value: was1
.adnxs.com/ Name: icu
Value: ChgI95t6EAoYASABKAEwpe-IkQY4AUABSAEQpe-IkQYYAA..
.adnxs.com/ Name: uuid2
Value: 4298325973168511451
.criteo.com/ Name: uid
Value: 9d212772-b6f0-4e4c-b894-5b27eaaf027c

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/022202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2242916252465175&correlator=1915197707210436&wbsu=934215a9-4e2e-48e3-9ac4-3b2466e7e283&callback=googletag.wbn1&eid=31065294%2C31065501%2C31065503%2C31060545%2C31065456%2C44758226&output=wbn&gdfp_req=1&vrg=2022022801&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=8951970%2Cdatapoint%2Cdell_corporation_limited_uk_oli_344512_AdDaptive&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVMGopE5Agz8f3jFEZ_x7...33&bih=-12245933&isw=160&ish=600&oid=2&adxs=0&adys=0&ucis=vewjqph763a0&adks=2906322180&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352&top=https%3A%2F%2Fpixeldrain.com%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=160x600&msz=160x0&ga_vid=1054820817.1646409638&ga_sid=1646409638&ga_hid=284137610&ga_fc=false&fws=256&ohw=0&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://kloperd.com/r/p.html?f=ijgdhoks&e=1959133272352
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2242916252465175&correlator=1915197707210436&wbsu=934215a9-4e2e-48e3-9ac4-3b2466e7e283&callback=googletag.wbn1&eid=31065294%2C31065501%2C31065503%2C31060545%2C31065456%2C44758226&output=wbn&gdfp_req=1&vrg=2022022801&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=8951970%2Cdatapoint%2Cdell_corporation_limited_uk_oli_344512_AdDaptive&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVMGopE5Agz8f3jFEZ_x7...33&bih=-12245933&isw=160&ish=600&oid=2&adxs=0&adys=0&ucis=vewjqph763a0&adks=2906322180&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dijgdhoks%26e%3D1959133272352&top=https%3A%2F%2Fpixeldrain.com%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=160x600&msz=160x0&ga_vid=1054820817.1646409638&ga_sid=1646409638&ga_hid=284137610&ga_fc=false&fws=256&ohw=0&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

124a63075f6f3b1fcf587f01674c5ced.safeframe.googlesyndication.com
1b1ead82496f6f0e5c5d2e2157a4e449.safeframe.googlesyndication.com
a771390be787bc68d376305e20db6ef2.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
adpone-d.openx.net
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
cdn.adnxs.com
cdn.ampproject.org
crcdn01.adnxs-simple.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gum.criteo.com
hb.adpone.com
hb.brainlyads.com
i.clean.gg
ib.adnxs.com
kloperd.com
mug.criteo.com
pagead2.googlesyndication.com
pixeldrain.com
powerad.ai
prg.smartadserver.com
reporting.powerad.ai
securepubads.g.doubleclick.net
static.criteo.net
stats.pixeldrain.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.32.121.53
142.250.185.226
151.101.1.108
151.101.193.108
151.101.65.108
178.250.0.157
178.250.0.165
18.211.226.152
185.86.138.121
2.18.232.130
2.18.233.180
23.20.158.212
2606:4700:20::681a:a19
2607:9280:a::77
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a01:4f8:c17:9c30::1
2a02:2638:1::13
2a02:2638:1::3
34.95.69.49
34.98.64.218
37.157.2.236
37.252.172.36
37.252.172.38
54.234.151.247
96.46.186.59
018b31eac0a7945bfa736671200ff5c7feb07d2419c85e196526eb9a8e6fb247
02adf012dfa8a3dfe10f21fba5d496559fdbd63d831d5acbb75472f97563ebfa
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
0cd78f7e5c694e1b272e568ef72dbd0a8132b8a15552aae85c7494f08de24e48
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29
17d1f6e9e4470597099bd98343f2785f1d8b8aeb2fac3a5fb8178c646033a0dd
1a66e72f32fc5f22b4b88ce9aeaaf1243525649052026d2ff53d55ce05d6b15d
1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97
1f92187e32fb9f75906b68ad3056f8fa8047e6009efa53c0505de1142a3be5b5
230b5ccea2021d7d4538236da23f5639ad3b56a57489374d32713637b6f24882
2453447de00540f2af86f05dc03cc6bdaf35084421b9e7ea52cf3574a2026fdd
24555477de3dba61eea435d276912206a1e614959e0d1a5b226bac2c495daea8
247f547b84b3238d252fa436f6ed400c2031de1c7e4c351a3c16a364d021ac6c
25269af52b17154256ead268251fc10150c40fa1490324ad11c34f3ad0cc80a8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270c914b2603b8addb74b2b3a8cf09afaa48abfaa15dca9dd65cfea7e60b2e3c
2ab0338f45e291243eee46195548382c8398d037f5c9380a581dfe1ea2bdec29
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
31ebc2dd9988cd76b54eb398aaad2da83cc690738053865271ff1864d41a9c80
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
385b26d810fc09eb49a5ba157fecff4079e35a65d328557f4b9539783813cc9e
38dabdbd3879de34054b47802ef7b4e697386db3d00661a9d3d24674736b121b
39ae4604450a755070b3d40a743cd5bb47986f3ab8fed8350a863414890c4356
3a15a8f2123223dfd3f94cdfd1993f124e325744e4366b3663ffda251a19a846
3c0c388e728c9320a5d2d5aaa053091b053be9e935905fbdfe0018332278c7ff
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
42e2ae1549344309792056adec51ce8016b52e9adfb71afae09290171dc9eb9f
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2
4919ba2d628b1e13b760c0a80012a76e1b474780adf617fe62a6d287c8138263
4c51f742fbd4b6cd9947ba6ae6a26c9a2113680331d28bd3bce6b17be28af262
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57d78baceb6ea0dc53d7a5c1e76307068dfcd90d81b1cd0e6a4f02e03ef6d1ac
5d577b2cef5dd142dafad1f81c89733373e32f9eb18125bd725360bd77995808
5e6aaf735e736a6f85855555407bde52592f8d1134581bbe63a55f9512fb4bb0
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11
6539ff7208f803b3400ebc146bf81ffc85290b4e1fc1962c53e230167548da32
66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47
675e303a5d224a9befa37374aaa7cfd2c0a905450e87d0b94a96a330b9836e2a
69eec237f67ffbc276dadb9f4c1753933fddec624ce86d135e74276647e7f448
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
70487c009651f1089b756de1415d95e7a7fec53021ad7b3e28b934333020dc1e
74fdacf93e6ac74b408bd6aa378e5aa2b721539ce2151a8d116568ebd20d2b5f
757dfd01705d47b563c3fe285bcb85f22f3dfd15a582832ea61153585c199646
7702fe0bce275f1f28c6ed2d19d13e5211842dd015eb0c86515cd77ac2263c3d
775833c4ab855c35734aeff9682f0cbd9f277375054e2adcdfec01ab836c1618
77b7a287b43a39795f69e1a02dd7575ad5b9d2b572b0883fb6c4f347f6249a02
7d3263a72c95acef8223239f888c003f61025ef722812fc918f867300b6a39fd
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
81049704d87edb91914b8251ce3629280bcb4b66728f9c3567c8a09cb5196321
816783f14d2f4d5e75a59c00225f3bd62949ba0ed22496330a6916bc0d2b2b35
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8731aabbb1cdd629d3edb80802afd792a25be3b71a85bae78e33ee0e3602c8f2
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07
8853df37d62103b821f9da9119a737d30c481619cd2cd08072cbe3c9b0a4b314
88714a4abee884f6dcc13efd84a988d1d6b1edd861f6344ad6a8e21d9c4d1d55
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
90a7ec481315375fc86fa889b621750050be92bce411c715b5d7fcf3d503d547
90fb9564af2a051526dc11a85ade868a941dcbbabd941839b151f0537e81f800
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
967558ed8abca4a09f872aee7af446391fb8addc154f48bca0f9155ea6de35e3
9be10f7bc5150b1e55202ef0d06db7527f26a567a673328f601101019a44b028
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac0bf7475310a2a72128b2a002b451b6653b55591850d5bdc36f47b28baa96d9
ade32b1bec47b6f5a0c6f5ecf114cac533a867127db1c11e23ab5c234159f163
ae41d1801e59d6ff92893ef85d890d81860c7115fbad308319d0799a7c32312c
af15909a1c20bf06de4468042e4efd3a0955cb45cf314a2d01b67e443251e01a
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
bcda11788d3022977ea450aa114de8909bb38a269bb8dee0d993b45ee74f7114
bf672891d81b29b347b7fb1b066cb7a3a4e62d29a9bd64c42debed6014c64ada
c229749111c7b3184582dec8e7b1b84aa82a19d5081a2dbdadbbfb1303932ce6
c46e294b9f60f10b21bd6adc61a09a443ed5b951484039d7d67f852b43066f6e
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c7882a28f362b4f8a015fe93b64f58a431a89064852a6ba657f7d23f981d03b4
c9cb22ba37abcff94f1d39240acf6f126ee55ca17f3974295d941dec4be866e8
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d4c04959c98244dc32c651e65f9af740b4635f91212e944159f461fc621298d1
d5dd8a7f2df48587f09526eb587b43d8b21fde01e52745f86cf6fcb70f7a2d05
d801a6bd2d5f3db41792436ce95098ecf92a334ceb6d9d6e8dc6fcd0490d39a1
da937cf0f16decad13192ba0eda2d12924e94c888fca1e84f9b8f74bd1e8f1c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcc1250069aac175b4443011f6adb2d1b2e9e0f89cf5b00765d1360d1f953c
e58f046523e0ae8d52a6bf9f2482ba90eaceae148ce41ff5e5ee04bac34c834f
e69503c254511309f0bf462624e54f96cd56c875fb4d21a570e02a74cf611e9e
ebc719d137039efddc8eb07f415745630bebdfa8fccd7a8ab9c808b5bb0dbf21
ec863800c69f561a5bd5df8cc7bdec6cbc4ae9917a28e0a96fd81df38d55aba2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aa80d51e33a53374622d22c5e1d9fd1ee0633e7987624f3f1fb0a451351202
f35d5db4356384d45e39d73708d5ad2fef15655340a30652f675204d803cc85c
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f49df63ac1474f1835471a10fa33641888b0af5eee53c10da142fe11befc56cb
f58f007ec184ea7bac8cdf0ec91417ed3b0d502d45d0ec0b10cd6f0a25ca31ad
f598cb1431a426b18ef3ace3598b2b25dfc71c7d49326038aa9f5bb8528604bf
f9c141103b57e547274799df03069c30320e8cb3ec4facad8e6fe7f658f985fb
fa9cdb3a5422c003e2074189258eb79991d7cbaff8606c9e25bebec2e78f6ee8
fd70eefec40d2ba59369f8424c120b4dcf21a3d96872d36ca3fcce3f9f6dcdf7