urlscan.io logo urlscan.io
SecurityTrails logo

www.kbzk.com Open in urlscan Pro
13.225.87.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kbzk.com/
Effective URL: https://www.kbzk.com/
Submission Tags: tranco_l324
Submission: On November 04 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 8 countries across 76 domains to perform 314 HTTP transactions. The main IP is 13.225.87.4, located in United States and belongs to AMAZON-02, US. The main domain is www.kbzk.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.
This is the only time www.kbzk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 65.9.71.58 16509 (AMAZON-02)
6 13.225.87.4 16509 (AMAZON-02)
16 143.204.98.104 16509 (AMAZON-02)
4 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.66.122.78 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2.21.143.57 16625 (AKAMAI-AS)
5 143.204.95.188 16509 (AMAZON-02)
2 104.85.4.23 16625 (AKAMAI-AS)
2 3 2.19.35.65 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 143.204.103.127 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.102 15169 (GOOGLE)
2 13.32.121.32 16509 (AMAZON-02)
1 3 143.204.98.82 16509 (AMAZON-02)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 35.227.203.93 15169 (GOOGLE)
1 52.205.167.202 14618 (AMAZON-AES)
1 18.169.206.72 16509 (AMAZON-02)
1 34.96.74.203 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 172.217.18.98 15169 (GOOGLE)
3 52.28.203.152 16509 (AMAZON-02)
2 2602:803:c004... 26667 (RUBICONPR...)
6 52.208.210.171 16509 (AMAZON-02)
2 15 178.128.135.80 14061 (DIGITALOC...)
3 34.149.20.76 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 52.28.103.21 16509 (AMAZON-02)
4 10 185.33.221.13 29990 (ASN-APPNEX)
12 34.98.64.218 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 52.57.26.239 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2.18.235.40 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
12 23 142.250.186.66 15169 (GOOGLE)
5 7 2.21.141.232 16625 (AKAMAI-AS)
1 2 54.171.159.234 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 66.155.71.25 13768 (COGECO-PEER1)
2 2 2600:1f14:61c... 16509 (AMAZON-02)
4 5 2a05:d018:d29... 16509 (AMAZON-02)
5 6 37.157.4.28 198622 (ADFORM)
2 216.58.212.162 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
8 104.244.36.20 7415 (ADSAFE-1)
1 82.113.101.132 6805 (TDDE-ASN1)
4 14 76.223.111.18 ()
4 151.101.1.108 ()
2 2 134.209.129.254 ()
2 205.185.216.42 ()
6 23.79.143.124 ()
6 6 185.29.134.244 ()
1 67.202.105.22 ()
2 4 185.33.220.244 ()
3 8 35.71.131.137 ()
2 2620:119:50e1... ()
3 5 18.195.106.43 ()
2 2620:1ec:c11:... ()
2 4 209.54.178.82 ()
2 2 50.31.142.95 ()
3 3 2001:678:cb4:... ()
3 3 69.173.144.139 ()
4 69.173.144.165 ()
3 3 151.101.2.49 ()
1 35.244.174.68 ()
3 2.21.141.175 ()
2 2 35.186.253.211 ()
4 4 18.197.47.23 ()
3 3 18.156.0.31 ()
4 4 72.251.249.13 ()
2 178.162.133.149 ()
2 104.18.99.194 ()
1 198.47.127.19 ()
1 8.43.72.98 ()
2 2 213.155.156.183 ()
7 185.64.190.80 ()
1 178.250.2.151 ()
1 1 85.114.159.118 ()
12 185.64.189.110 ()
1 1 162.55.6.211 ()
3 3 213.19.147.44 ()
1 2606:4700:20:... ()
1 63.251.232.170 ()
1 1 94.23.171.206 ()
1 169.197.150.8 ()
1 2 2606:4700::68... ()
1 1 195.5.165.20 ()
2 198.47.127.20 ()
1 1 51.79.83.225 ()
1 2 2606:4700:10:... ()
1 159.253.128.188 ()
2 2 35.210.53.219 ()
1 2a02:fa8:8806... ()
1 1 159.65.196.12 ()
1 1 34.98.107.212 ()
314 88
2    65.9.71.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-58.fra56.r.cloudfront.net
kbzk.com
6    13.225.87.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-4.fra2.r.cloudfront.net
www.kbzk.com
16    143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net
ewscripps.brightspotcdn.com
4    2600:9000:2156:1800:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
2    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    18.66.122.78 (United States)

ASN16509 (AMAZON-02, US)
assets.scrippsdigital.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com
sejs.moatads.com
z.moatads.com
5    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
2    104.85.4.23 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-4-23.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
3    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    2a02:26f0:6c00:286::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net
cdn.parsely.com
5    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
4394967.fls.doubleclick.net
2    13.32.121.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-32.fra60.r.cloudfront.net
api.ewscloud.com
3    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
sb.scorecardresearch.com
5    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
1    18.169.206.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-206-72.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
1    2600:9000:2240:9400:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.ewscloud.com
1    2600:9000:211e:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
3    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
3    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
15    178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    52.28.103.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
tlx.3lift.com
10    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ewscripps-d.openx.net
eu-u.openx.net
us-u.openx.net
13    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
11    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    52.57.26.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
6    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
px.moatads.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
23    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
7    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    54.171.159.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
9    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2600:1f14:61c:1b01:b6a7:74fd:44e0:1ee0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
5    2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2600:9000:223f:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
1    82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
14    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
4    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
2    134.209.129.254 (None, )

ASN- ()
sync.serverbid.com
2    205.185.216.42 (None, )

ASN- ()
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6    23.79.143.124 (None, )

ASN- ()
eus.rubiconproject.com
6    185.29.134.244 (None, )

ASN- ()
sync.mathtag.com
1    67.202.105.22 (None, )

ASN- ()
ssc-cms.33across.com
4    185.33.220.244 (None, )

ASN- ()
secure.adnxs.com
8    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
2    2620:119:50e1:101::6cae:b25 (None, )

ASN- ()
px.ads.linkedin.com
5    18.195.106.43 (None, )

ASN- ()
x.bidswitch.net
2    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
4    209.54.178.82 (None, )

ASN- ()
s.amazon-adsystem.com
2    50.31.142.95 (None, )

ASN- ()
b1sync.zemanta.com
3    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
3    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
4    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
3    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
3    2.21.141.175 (None, )

ASN- ()
ads.pubmatic.com
2    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
4    18.197.47.23 (None, )

ASN- ()
pixel.advertising.com
3    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
4    72.251.249.13 (None, )

ASN- ()
ap.lijit.com
2    178.162.133.149 (None, )

ASN- ()
sync.go.sonobi.com
2    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
2    213.155.156.183 (None, )

ASN- ()
d5p.de17a.com
7    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
12    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
1    162.55.6.211 (None, )

ASN- ()
csync.loopme.me
3    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:20::681a:ad1 (None, )

ASN- ()
ad4m.at
1    63.251.232.170 (None, )

ASN- ()
cm.adgrx.com
1    94.23.171.206 (None, )

ASN- ()
green.erne.co
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    2606:4700::6812:d05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
1    51.79.83.225 (None, )

ASN- ()
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.188 (None, )

ASN- ()
um.simpli.fi
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
1    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
41 doubleclick.net
4394967.fls.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
212 KB
26 googlesyndication.com
pagead2.googlesyndication.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
tpc.googlesyndication.com
265 KB
25 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
36 KB
23 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
prebid-a.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
147 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
55 KB
17 serverbid.com
e.serverbid.com
sync.serverbid.com
5 KB
16 3lift.com
tlx.3lift.com
eb2.3lift.com
8 KB
16 brightspotcdn.com
ewscripps.brightspotcdn.com
1 MB
14 openx.net
ewscripps-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
4 KB
13 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
98 KB
11 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
8 KB
10 moatads.com
sejs.moatads.com
mb.moatads.com
z.moatads.com
px.moatads.com
287 KB
9 2mdn.net
s0.2mdn.net
249 KB
9 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 kbzk.com
kbzk.com
www.kbzk.com
304 KB
7 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 adform.net
c1.adform.net
3 KB
6 gumgum.com
g2.gumgum.com
rtb.gumgum.com
4 KB
6 google.com
adservice.google.com
www.google.com
2 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
5 google-analytics.com
www.google-analytics.com
21 KB
5 typekit.net
use.typekit.net
p.typekit.net
52 KB
4 lijit.com
ap.lijit.com
2 KB
4 advertising.com
pixel.advertising.com
1 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
604 B
4 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
92 KB
3 everesttech.net
sync-tm.everesttech.net
799 B
3 turn.com
ad.turn.com
1 KB
3 analyticssystems.net
analyticssystems.net
1 KB
3 googletagservices.com
www.googletagservices.com
111 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
984 B
3 google.de
adservice.google.de
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 ewscloud.com
api.ewscloud.com
static.ewscloud.com
5 KB
3 fontawesome.com
use.fontawesome.com
132 KB
2 admedo.com
pool.admedo.com
717 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
887 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 adsymptotic.com
p.adsymptotic.com
2 sonobi.com
sync.go.sonobi.com
952 B
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
851 B
2 linkedin.com
px.ads.linkedin.com
880 B
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
10 KB
2 tidaltv.com
sync.tidaltv.com
828 B
2 sitescout.com
pixel-sync.sitescout.com
528 B
2 pymx5.com
pymx5.com
api.pymx5.com
10 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
24 KB
2 facebook.net
connect.facebook.net
78 KB
2 media.net
hbx.media.net
hblg.media.net
99 KB
2 scrippsdigital.com
assets.scrippsdigital.com
4 KB
2 cookielaw.org
cdn.cookielaw.org
7 KB
1 playground.xyz
ads.playground.xyz
487 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 simpli.fi
um.simpli.fi
612 B
1 onaudience.com
pixel.onaudience.com
398 B
1 iprom.net
core.iprom.net
521 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
325 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
916 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
216 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 rlcdn.com
id.rlcdn.com
1 o2online.de
portal.o2online.de
609 B
1 quantcount.com
rules.quantcount.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
46 KB
0 contextweb.com Failed
bh.contextweb.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
314 76
Domain Requested by
23 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
eu-u.openx.net
eb2.3lift.com
16 ewscripps.brightspotcdn.com www.kbzk.com
15 e.serverbid.com 2 redirects ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
14 eb2.3lift.com 4 redirects ads.rubiconproject.com
eb2.3lift.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
12 simage2.pubmatic.com ads.pubmatic.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
s0.2mdn.net
10 ib.adnxs.com 4 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 s0.2mdn.net www.kbzk.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
s0.2mdn.net
9 securepubads.g.doubleclick.net www.kbzk.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 match.adsrvr.org 3 redirects eu-u.openx.net
eb2.3lift.com
8 dt.adsafeprotected.com 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
7 image2.pubmatic.com ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 eu-u.openx.net ads.rubiconproject.com
eu-u.openx.net
6 c1.adform.net 5 redirects ads.pubmatic.com
6 px.moatads.com
6 www.kbzk.com www.kbzk.com
ewscripps.brightspotcdn.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
5 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.kbzk.com
5 c.amazon-adsystem.com www.kbzk.com
c.amazon-adsystem.com
4 ap.lijit.com 4 redirects
4 pixel.advertising.com 4 redirects
4 pixel.rubiconproject.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
4 us-u.openx.net eu-u.openx.net
4 secure.adnxs.com 2 redirects acdn.adnxs.com
4 acdn.adnxs.com ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4 prebid-a.rubiconproject.com ads.rubiconproject.com
4 pixel.quantserve.com 3 redirects www.kbzk.com
4 use.typekit.net www.kbzk.com
use.typekit.net
4 d3plfjw9uod7ab.cloudfront.net www.kbzk.com
securepubads.g.doubleclick.net
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
3 ups.analytics.yahoo.com 3 redirects
3 ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 token.rubiconproject.com 3 redirects
3 ad.turn.com 3 redirects
3 rtb.gumgum.com ads.rubiconproject.com
ads.pubmatic.com
3 static.adsafeprotected.com fw.adsafeprotected.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
3 analyticssystems.net www.kbzk.com
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
3 www.googletagservices.com securepubads.g.doubleclick.net
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
3 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
3 ssc.33across.com ads.rubiconproject.com
3 g2.gumgum.com ads.rubiconproject.com
3 c2shb.ssp.yahoo.com ads.rubiconproject.com
3 adservice.google.de adservice.google.com
securepubads.g.doubleclick.net
3 stats.g.doubleclick.net www.google-analytics.com
3 adservice.google.com 4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects www.kbzk.com
3 use.fontawesome.com www.kbzk.com
use.fontawesome.com
2 pool.admedo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 p.adsymptotic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ssum-sec.casalemedia.com 2 redirects
2 rtb.openx.net 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
2 sync.serverbid.com 2 redirects
2 googleads4.g.doubleclick.net www.kbzk.com
2 sync.tidaltv.com 2 redirects
2 pixel-sync.sitescout.com 1 redirects 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.kbzk.com
2 googleads.g.doubleclick.net 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
2 z.moatads.com securepubads.g.doubleclick.net
2 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ewscripps-d.openx.net ads.rubiconproject.com
2 tlx.3lift.com ads.rubiconproject.com
2 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
2 fastlane.rubiconproject.com ads.rubiconproject.com
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 4394967.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net www.kbzk.com
connect.facebook.net
2 assets.scrippsdigital.com www.kbzk.com
2 cdn.cookielaw.org www.kbzk.com
cdn.cookielaw.org
2 kbzk.com 2 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 core.iprom.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 id.rlcdn.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 portal.o2online.de
1 hblg.media.net www.kbzk.com
1 rules.quantcount.com secure.quantserve.com
1 static.ewscloud.com www.kbzk.com
1 api.pymx5.com pymx5.com
1 mb.moatads.com sejs.moatads.com
1 p1.parsely.com www.kbzk.com
1 pymx5.com www.googletagmanager.com
1 secure.quantserve.com www.kbzk.com
1 cdn.parsely.com www.kbzk.com
1 p.typekit.net use.typekit.net
1 ads.rubiconproject.com www.kbzk.com
1 hbx.media.net www.kbzk.com
1 sejs.moatads.com www.kbzk.com
1 www.googletagmanager.com www.kbzk.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 id5-sync.com Failed
314 123
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon		 2021-02-05 -
2022-03-06		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon		 2021-05-30 -
2022-06-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.scrippsdigital.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2021-09-12 -
2022-09-10		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
e.serverbid.com
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.analyticssystems.net
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 48 frames:

Primary Page: https://www.kbzk.com/
Frame ID: 4767EF39BD229AA516CCD65A95C2487F
Requests: 110 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Frame ID: 61722BDF5CF15C731E2B170CAB621275
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Frame ID: 48FAD7CD26340E19C60B8EEE2C209A39
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Frame ID: BD6711C18E48EAF1AA84BF5BF4691D7E
Requests: 1 HTTP requests in this frame

Frame: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 80C021154A9951240E76B1F557E7DAD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EF6ECBC3D7A09FED923607CE5B64330F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DD206C5227B6143E038E7FF4718EB17
Requests: 2 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 4598EB9296DD8757958F60C5A4F985B8
Requests: 11 HTTP requests in this frame

Frame: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 424B4D9F51986060BFA8E53F73653596
Requests: 29 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Frame ID: 4491B8B331DC76D8C6A140627A4D32F6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Frame ID: 96381C0627D4632336BA38828F6989CA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADAF95475014D6FD041FB2AC1D796943
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 157BFE6F6DF031D9DCCFAD5A83E06630
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Frame ID: 9E293D630D0B37519DFF8F612A0FF53A
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1D822E6F61807011D98ADEFC39FAF5E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Frame ID: A2E9E0BD16673F20663AD6211533C93A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 2A5E636A1FD10AB291B0B96CBC4DDEC3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 831F3462F56D24E2894D03A00E3F4943
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E78352212895BA6B6B34DDB39C9262B6
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: 693DFDA7FA2995551656715B3FD5A598
Requests: 7 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: ECB07EE94B5D01288ED9483B57C09942
Requests: 8 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: A41FECC543A278F5841935E22592196D
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 428596101966632321BF09BDA7AEB1FE
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=beff6183-ba9b-4300-ac0d-60316c91a3a3&gdpr=1&gdpr_consent=
Frame ID: 348A727E97AD4EC85953CFBE8A329CED
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: 45368E6CDD083A622379F1D0B33EA82C
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: EE4CA7B54F4206FF79BE728F17FD20D4
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a79EQiBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 27297399920D7116170A426D708EA857
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 20B369BB2F0192E239C79EDB6D604C92
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 015A0607B9E8FE02618B32DEF5DCD3AB
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7B0CB6F94AC889D21979AB3DFD0DD810
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: BD1223ED95254F6FD6875CF33CF81D88
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: E6BBE2BAEA4FBD77073762C5A11E45DC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 72D0B9A5B2741317B9854989EFE530EF
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3D4A5D00-3A24-42C5-A1B7-A33D615B513A
Frame ID: 14E64C4737649C577846B42C205918BA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809856044130496677
Frame ID: 4DD9C25056FB9F4F01C3932116D6FCE1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: FF423FFC6EC9A8E54C49641A93D2A4ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026665022812649620
Frame ID: B17955ADC4ED8E844C61618BBAC1E985
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYO6nAAB-jvnLQAz&gdpr=0&gdpr_consent=
Frame ID: 6EC68B9FBBE0D322CFAFFD6C869741AD
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3m07DB3UAABhmgpTVCw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: 1A3CF20EFFB03F469971D738FB8F6EB2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 0A613784455BB024E0570D8544222CA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003
Frame ID: 859E7BA5BDF4A3A768A8DEC28FA9297A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: E989BB7E6174B0F0A0E4E507177D8C99
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7D38AF5B49DB6C81114676FA25E2C404
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eCpzuURojn0khoQaa4duXwqp
Frame ID: 4D7A276828B6662376A643A7ED845C5C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 485C66B6C16CBADF6721BD44EAA32DB8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F3985A86FF8619A024BBD61A85229FC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:82908084531722
Frame ID: F40EDA4650CC2DA8DBB86388BAD462AE
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=3D4A5D00-3A24-42C5-A1B7-A33D615B513A
Frame ID: 5FE100EF6DF7EBE5C31DF9FAAE4E4EC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Homepage

Page URL History Show full URLs

  1. http://kbzk.com/ HTTP 301
    https://kbzk.com/ HTTP 301
    https://www.kbzk.com/ Page URL

Page Statistics

314
Requests

77 %
HTTPS

30 %
IPv6

76
Domains

123
Subdomains

88
IPs

8
Countries

3587 kB
Transfer

7786 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kbzk.com/ HTTP 301
    https://kbzk.com/ HTTP 301
    https://www.kbzk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F HTTP 302
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9=
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1&C=1
Request Chain 146
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYO6l0uAjJshze3D3J50PgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM3YCtmCx4bBgb7MgcjHMsg&google_cver=1
Request Chain 148
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzk0Mzg0NjgwNjMzNDM4MQ%3D%3D
Request Chain 158
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEM9jTTXaaJ5J4ozHTugcdDU&google_cver=1&google_push=AYg5qPLZ6X8Ifbe1NRe5o36rPH1stgRsVC2RPJRYenPjicZeAM-oyI4tCXWR6R6qsA3Uq9atex2y94wypfMOP5sPV1R6oFicivPX HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEM9jTTXaaJ5J4ozHTugcdDU&google_cver=1&google_push=AYg5qPLZ6X8Ifbe1NRe5o36rPH1stgRsVC2RPJRYenPjicZeAM-oyI4tCXWR6R6qsA3Uq9atex2y94wypfMOP5sPV1R6oFicivPX&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=UdMOn82NT7GQeue8DFK9XA&gdpr=1&gdpr_consent=
Request Chain 159
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELlvKp0GRr98RB5nLuURzoo&google_cver=1&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaFrap3G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaFrap3G&google_hm=MzE3MDc5NjM2NDYxNzAzNjM0NA%3D%3D
Request Chain 160
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7Q7ckWAxNWec5nHlKhLT0&google_cver=1&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobxVhkVgnGjxHywhjvPHYI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7Q7ckWAxNWec5nHlKhLT0&google_cver=1&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobxVhkVgnGjxHywhjvPHYI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA5MDM1OTIwMzEwMzA0NDg2Ng&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobxVhkVgnGjxHywhjvPHYI
Request Chain 161
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1
Request Chain 162
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIGChE13H0Y0IZItsRSN5jg&google_cver=1&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
Request Chain 169
  • https://fw.adsafeprotected.com/rfw/st/769474/57701840/skeleton.js?adsafe_url=https%3A%2F%2Fwww.kbzk.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:19ddaadd-43eb-5f24-76b2-e8784200156b,c:sZIJ5z,sl:outOfView,em:true,fr:false,thd:1,mn:app05ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:85,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:103,oid:ce959e71-3d5c-11ec-b3c5-02bf2b86cc68,v:19.8.262,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 196
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 200
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 201
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 203
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=beff6183-ba9b-4300-ac0d-60316c91a3a3&gdpr=1&gdpr_consent=
Request Chain 205
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 207
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4217943846806334381
Request Chain 208
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=00818d40-be94-4136-b3c0-b515f13ff3fd&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=00818d40-be94-4136-b3c0-b515f13ff3fd&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=37e8205f-b951-44cb-a832-6be2627ee79e&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEFzJb5TCIITbIcP75OsdBzA&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFzJb5TCIITbIcP75OsdBzA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4217943846806334381&opid=apx&ops=&utidl=tech:goo:CAESEFzJb5TCIITbIcP75OsdBzA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22226998725&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=5560720177337185a004249c9c21f2ef&gdpr=1&gdpr_consent=
Request Chain 210
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Request Chain 211
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
Request Chain 212
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 218
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
Request Chain 220
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9655483662932097758?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
Request Chain 223
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9655483662932097758 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Request Chain 224
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 225
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4446784529667817552&dongle=d407
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 229
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
Request Chain 231
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9655483662932097758?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
Request Chain 234
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9655483662932097758 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Request Chain 235
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 236
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4374726935629889616&dongle=d407
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Request Chain 238
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
Request Chain 239
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NoKIy1BGqRRq16DyEzNKe8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3170796364617036344
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGmOOH9cGtGdFiwRflPuO5k&google_cver=1
Request Chain 247
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLVFRCNjItMUgtQTY5MA==
Request Chain 248
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=80006183-ba9b-4700-96f1-58acb3c44b66&expires=28
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYO6nAAB-jvnLQAz HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYO6nAAB-jvnLQAz&_test=YYO6nAAB-jvnLQAz
Request Chain 250
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTIxM2I4ZGEwODc2YTBlMDU1MjM1OGExYWQzMWJjODdjNzY1NTYzNw
Request Chain 252
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 255
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Request Chain 257
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd1784b1f-3d5c-11ec-8bf2-027c44041890 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Request Chain 258
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Request Chain 259
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c9b156e02c35da9f0d606fe0
Request Chain 261
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.5944570465654655%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Request Chain 262
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
Request Chain 263
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Request Chain 264
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd1784b1f-3d5c-11ec-8bf2-027c44041890 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Request Chain 265
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Request Chain 266
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d2c51d00388437f7b72f3738
Request Chain 268
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 271
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.6238127772065296%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Request Chain 279
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809856044130496677
Request Chain 281
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026665022812649620
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYO6nAAB-jvnLQAz&gdpr=0&gdpr_consent=
Request Chain 283
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDM20wN0RCM1VBQUJobWdwVFZDdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3m07DB3UAABhmgpTVCw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 284
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 285
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1087110338 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/32b17827-439d-455e-9162-1894b40397a3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003
Request Chain 288
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eCpzuURojn0khoQaa4duXwqp
Request Chain 290
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 291
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:82908084531722
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUpdADokQsWht6M9YVtROg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 294
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=80006183-ba9b-4700-96f1-58acb3c44b66
Request Chain 295
  • https://pixel.onaudience.com/?partner=214&mapped=3D4A5D00-3A24-42C5-A1B7-A33D615B513A HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=f0563c48d587db1a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d028719c6f&zcluid=f0563c48d587db1a&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHYzaGtmxUmJsF4gtenwpBM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d028719c6f&zcluid=f0563c48d587db1a&zdid=1332
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QTVEMDAtM0EyNC00MkM1LUExQjctQTMzRDYxNUI1MTNB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN72RodDXKqaHE8KjPbR8Nc&google_cver=1
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80006183-ba9b-4700-96f1-58acb3c44b66&gdpr=0&gdpr_consent=
Request Chain 300
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=32b17827-439d-455e-9162-1894b40397a3
Request Chain 301
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9090359203103044866
Request Chain 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217943846806334381&gdpr=0&gdpr_consent=
Request Chain 303
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JFiDvHAIgro_DYi-IgyWuydZjbk_W4PrIwq3f3Af
Request Chain 304
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D4A5D00-3A24-42C5-A1B7-A33D615B513A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p1wscCJE2uUDvqJyePSwCqWkQ.tliWE-~A&gdpr=0&gdpr_consent=
Request Chain 306
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f751e34-236d-4c9c-a536-f999d09bb9a9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f751e34-236d-4c9c-a536-f999d09bb9a9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6019c368-7bee-4d02-81e6-4ac1babd069d&user_group=1&ssp=pubmatic&bsw_param=7f751e34-236d-4c9c-a536-f999d09bb9a9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f751e34-236d-4c9c-a536-f999d09bb9a9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 308
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4446784529667817552&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 309
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 310
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:432bd8f8-475a-4b4a-a71a-1b07f14fcb61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 311
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217943846806334381

314 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kbzk.com/
Redirect Chain
  • http://kbzk.com/
  • https://kbzk.com/
  • https://www.kbzk.com/
296 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
b61ae0ed09fa41ccbcd2be5d8544f7f18cc230a9f0feb728477916e177583d38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=240
Content-Encoding
gzip
Date
Thu, 04 Nov 2021 10:46:32 GMT
Server
Apache Tomcat
X-Powered-By
Brightspot
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
NZUmMfvVFHsSlX9QcmDV1cpgnYaAL_zR4CJmkzZbiube-8gYWZqFng==
Age
140

Redirect headers

Content-Type
text/html; charset=iso-8859-1
Content-Length
229
Connection
keep-alive
Date
Thu, 04 Nov 2021 10:19:05 GMT
Location
https://www.kbzk.com/
Server
Apache
X-Cache
Hit from cloudfront
Via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
VvdWUkoh6rczrbgGWEUa604wKpQtL-K7-oGVO81Z_5N4nDYiyay6DQ==
Age
1788
All.min.721da039e12531468b3ac05943138423.gz.css
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.721da039e12531468b3ac05943138423.gz.css
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 28 Oct 2021 16:54:09 GMT
Server
AmazonS3
Age
582884
ETag
"1f30e1262dea997fcecf32f1f39137c5"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
21476
X-Amz-Cf-Id
8DsVlRVpSQzTTpmSrHbp96oTLVDkJ4hoFcCH9nG0U19U38lQXT38Dg==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ 		99 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96d16a0b319e19558dd3ca001ddeff2b859647ddeb0986ef9c221353b986b5f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
EaC1hMINznJTvlXDuD3K1X1QPyH.ztM_
content-encoding
br
last-modified
Wed, 03 Nov 2021 18:53:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"b7261192938b74de08a281687b16ff80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Thu, 04 Nov 2021 10:48:53 GMT
x-amz-cf-id
NZMOHikgu4LxJ_6Wpbki7Ht3LWWGuEOrLPqMEg6r4349d6m90Yzh_w==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OPcq+YIYFFKAyM1Ar0weOg==
age
1421011
vary
Accept-Encoding
content-length
6350
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:41 GMT
server
cloudflare
etag
0x8D98ED3103C1468
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75937fa8-e01e-0075-326c-c45f5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a8d45c56ac53746-MXP
expires
Fri, 12 Nov 2021 10:48:53 GMT
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 04 Nov 2021 10:48:53 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1725
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.kbzk.com/
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10420676
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3YAEFV6MXH7QA112
x-amz-id-2
MhIBLGZS1fPeD2ojz4MHWPdbB1aHkTYW63+FyyKxbiXtNlykvLssptiLrGCUkeATfDY6SUeNid8=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHZfDuTdilBTznnkzhKgF5Yol1FA6%2FXzK2mYyh4OBrgChTMi0QPflyqB4cXZpG5rKhBR6YQ0C8pPfDy5TJT1ZvWkb5WBstwUrBanWTFHndDtcQyPEBIMG8rBAfNZesRa95mL7D65L13dBvGlwvFdP0la"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6a8d45c539ac176e-FRA
square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/kbzk/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/color_schemes/kbzk/square--144.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
/
ewscripps.brightspotcdn.com/dims4/default/8247b83/2147483647/strip/true/crop/467x133+0+0/resize/400x114!/quality/90/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/8247b83/2147483647/strip/true/crop/467x133+0+0/resize/400x114!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F5d%2Fa7%2Fb7ce663e4eb985247c1796c704f3%2Fkbzk-main-logo.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
748bd7ba444e5d42e13524be8c1b22c5f2d02efa883cd27007229d70bafd6de0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 03:14:09 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
2705684
ETag
5c704121fc469848bf36670b5cf8ae92
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
11288
X-Amz-Cf-Id
VzJFptDe3nDKgPQzup38UCn3FR3hT-4GU-KEieIIRWbfiCkf5VoR8A==
Expires
Tue, 04 Oct 2022 03:14:09 GMT
Blank.gif
www.kbzk.com/styleguide/assets/ 		57 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kbzk.com/styleguide/assets/Blank.gif
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 14:20:04 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
24006528
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C2
Content-Length
57
X-Amz-Cf-Id
KDfCQMsBuaWoqPlEb80n72FMhH-r5dlu43PYPOYLFjoCDs9XIbJBiQ==
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
24066
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 04 Nov 2021 04:07:48 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
4OvsPC_NC_88o8kzFWfbhWavZtmbn4NiVj7Rr0723gRWp_5aWDvXpQ==
All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 28 Oct 2021 16:54:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 28 Oct 2021 16:54:10 GMT
Server
AmazonS3
Age
582884
ETag
"e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
101117
X-Amz-Cf-Id
JIMEd21GdDQgamtLQ78gOflFtUKUT3v7IaI3qzSrLX143ftUtW998g==
gtm.js
www.googletagmanager.com/ 		146 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXN39QC
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
350ea75c1e170d0384164a60b83d42162d8ee081012f3185a8c4a21e0a2efd7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46959
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Nov 2021 10:48:53 GMT
000000.json
cdn.cookielaw.org/consent/000000/ 		215 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a138de26ecd4c0bef40c54ed63ec6201b73eb60ae5865b8f5be443dc5fe37cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
6bb633c1-301e-00bb-7669-d13912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6a8d45c5ff133754-MXP
expires
Thu, 04 Nov 2021 14:48:53 GMT
yi.js
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:53 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
MM1Q0GC339YH12C3
ETag
"7853c8ebe7f9da77fcaa62deaa61a427"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=24447
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
aWneGARf0WNiE3Y1pnoC4KVo359Hb+SuITB8HdkfLO1PhMhwfYWa7sxBpY5ipC5e9IOVwiG6iqU=
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
843
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1NDD4S5KEECFRZW0K82B
date
Thu, 04 Nov 2021 10:34:58 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fVtGYAnceBHgE2REhn4J5tGldGObVrt6v0th6EWL52VQc9uB386QQA==
bidexchange.js
hbx.media.net/ 		424 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.kbzk.com
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.85.4.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-4-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a7ac6b39c844d591a60df12237d7379261f8dc41d48f8325220aee5139be380c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Thu, 04 Nov 2021 10:48:53 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Thu, 04 Nov 2021 11:18:53 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		570 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e20eb6cc267880b06f424fbf419634df65e2507e5257747c8d3642e539f8282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 20:11:29 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1824
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112023
Expires
Thu, 04 Nov 2021 11:19:17 GMT
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5d63c2eddc1f908f26eb2cbd20fad669ef3e2a4e13542bf9b540e37bc72db17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
p9K5jWXH92UNh1TlKMh8mg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
ZnAWGQK8Q+9uOAvs/JuN3YiliVLV8CIgPZn5rUm/V/dh28+rBkcMRnIXzgWVsvjgVXTJlWFQVNr4kxDAlOfqaQ==
x-fb-trip-id
917726464
x-fb-content-md5
385fa7102ef0cf9a0b767d34eec538af
x-frame-options
DENY
date
Thu, 04 Nov 2021 10:48:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"821f232fa813a9606b51ebcd8b5c7a14"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Nov 2021 10:57:25 GMT
/
ewscripps.brightspotcdn.com/dims4/default/63a43b7/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/63a43b7/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F693%2F5210dc00f64c413bacd7236bfc59a2f2%2F6939e73ae32641819ab47352251e80ed%2Fposter_b0cde14e7ae248dc8b717f52af0b3359.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
8d47961c0227d8f5e9f821e4980f6700e2385748e20fe3ba50d6b8c29867cde6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 03:06:14 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
27759
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
81970
X-Amz-Cf-Id
oG796HQTfrEb4IsoU41V2Bvz4Q-jUSmjikovFxKYUwTBOHfmHAvfZg==
Expires
Fri, 04 Nov 2022 03:06:14 GMT
/
ewscripps.brightspotcdn.com/dims4/default/62dad17/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/62dad17/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F1b9%2F5210dc00f64c413bacd7236bfc59a2f2%2F1b92330c13a34284b2795f64e8d2180c%2Fposter_3890ec97fe964c4dbcc683aaa8422dfa.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
2857cbc7500d800d13716371411e4c76952476f819bffc9aa0feed6c705ac7bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 03:06:14 GMT
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
27759
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
122927
X-Amz-Cf-Id
vLcxYpvfZmNywyv3OElRKwpBaaf59JL3k_5cv8xCIoPXNCXdXx3lCQ==
Expires
Fri, 04 Nov 2022 03:06:14 GMT
/
ewscripps.brightspotcdn.com/dims4/default/63319d8/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/63319d8/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Fb92%2F5210dc00f64c413bacd7236bfc59a2f2%2Fb927a32d6b264d23b9d6a54b32a9a175%2Fposter_0c51c9898d7b42438ad22f953904dbbc.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
c3440392178ac162b774b39cb745c5875ee11538159f505571f80caf8658eb32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 03:06:14 GMT
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
27759
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
58644
X-Amz-Cf-Id
fDRj119Z_33yYMU1DhKalMZjLOd06FFoTRu7-YCa3227CJhz24TQzQ==
Expires
Fri, 04 Nov 2022 03:06:14 GMT
/
ewscripps.brightspotcdn.com/dims4/default/adb3c13/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/adb3c13/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F9e4%2F5210dc00f64c413bacd7236bfc59a2f2%2F9e49656c5f524a81880dae5374e723f3%2Fposter_a38d22ec94e040de997426171282ec79.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
32376a65245d4aa6d3c33fd3b40af954fb4432a9367e799803947de6bf244ac0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 11:33:17 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
83736
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
64857
X-Amz-Cf-Id
ycGixGeJdytMACj3HqON7_XbRL2rqzg22pYEQFMaibDJIxSEDP9vgw==
Expires
Thu, 03 Nov 2022 11:33:17 GMT
/
ewscripps.brightspotcdn.com/dims4/default/9b8546f/2147483647/strip/true/crop/435x245+0+15/resize/1280x720!/quality/90/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/9b8546f/2147483647/strip/true/crop/435x245+0+15/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fee%2Ffb%2F9be27c214f7dbd5184f57b47d0bb%2Fdoyle.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b98982197b4016e5b97d9aec4b0ad7c19c26fa9218c3b6dcfab908db746c1dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 03:06:38 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
114135
ETag
7c4d52dd7daacd08c243068bc8d66362
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
151399
X-Amz-Cf-Id
ZeAG6fEeu9gt-c6KkA2fEYbFrXPybHO0Vp0CfEwSp4tnfQPf-OIIOA==
Expires
Thu, 03 Nov 2022 03:06:38 GMT
/
ewscripps.brightspotcdn.com/dims4/default/2af2563/2147483647/strip/true/crop/1068x601+9+0/resize/1280x720!/quality/90/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/2af2563/2147483647/strip/true/crop/1068x601+9+0/resize/1280x720!/quality/90/?url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2Faf3%2F5210dc00f64c413bacd7236bfc59a2f2%2Faf37578cfe5d4e9fa2dcfcf3ac824489%2Fposter_28357f7ebba94d92ab5a97e37cf75332.jpeg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
5ebbee10eb6c0347896f9c2c30205379552f2bef6b0cd2ebd5f2bcda68445a29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 02 Nov 2021 21:35:44 GMT
Via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
133989
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
110564
X-Amz-Cf-Id
mVIRS_RANBBB3qD3Nm7VGpomHKqLyXE9LooCKSynraYhvf_UO9cReA==
Expires
Wed, 02 Nov 2022 21:35:44 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
551981
cf-ray
6a8d45c62af0176e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59572
x-amz-id-2
wTre6BbQ18H4Gv9FI65ThbJXnlTkzqoDw8vfMzT7LbKq9zmQ+YW7HYHOOssQ3vMhpBCvHxNLvhk=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN8nopcgk8yq7zq1ctpksZuKSVp4duTo6pfX4A9B%2FnS0OsnUs%2FJhLR0mgwAeYYugupcncaMGWPprhpJ37iz7Ly6YFp7diFbIPUlm05g6AqbPUr%2BY9o9VFxD0BQoLyBQ7MTXjAmKyiSYOIiFXi36XiClW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
S7TKN6N3PDRX01WD
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16564
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16884
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47115
cf-ray
6a8d45c62af4176e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63376
x-amz-id-2
HHH2W17ECZ2/9DDHs/wPrTP2IWKw5My4DI2fjpV9vDLyfK/0jbIufld2jSMnHrI+ciuPsXXE4nE=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgSX0p7iYgsgnRTJ71R%2Fr04Odloa3CaZg5ZBGQYl0GbQsDf%2FjSsD0OK1Smmccoknx4fXL5%2B4fzNPGcfw0NwZHp9uCAesls4U7SKS%2Bckrx9xnh2iRtyEQH74gy3TPkmnzwOqRw1GO69XmtgIWVQpEPD%2FG"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
BZNS69PA6GGSD6X1
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
p.js
cdn.parsely.com/keys/kbzk.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/kbzk.com/p.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-127.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
01677fa45e3b2bbaf419837bd2f3f8485616c619cb6bcede9a60c4e95d6092e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 19:37:56 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"602ec214-1070d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
nCasjqZI5KcY1_j0oiGtkq8N4FXleIMjyDMe3xLmh8xUjYURMN002w==
expires
Fri, 05 Nov 2021 04:47:03 GMT
/
ewscripps.brightspotcdn.com/dims4/default/53562da/2147483647/strip/true/crop/4032x2268+0+378/resize/320x180!/quality/90/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/53562da/2147483647/strip/true/crop/4032x2268+0+378/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F38%2Fb4%2F4b2059b0489eadb2e689a82edfe9%2F20210920-134712-1.jpg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
5b16540c2dcd73b6f6815ef2ba94aba1adcf2509730ac89de216965d64beaba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 23:02:56 GMT
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
42357
ETag
3239aaad182a3f9f04b24503364cddbf
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
20894
X-Amz-Cf-Id
kqhqDRoHSHfH4hVyQncVFG3X-W_X_XDI_4GZ6WDSrOaX6qSsUtxY5g==
Expires
Thu, 03 Nov 2022 23:02:56 GMT
/
ewscripps.brightspotcdn.com/dims4/default/22a5ca9/2147483647/strip/true/crop/1120x630+40+0/resize/320x180!/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/22a5ca9/2147483647/strip/true/crop/1120x630+40+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fb0%2Fae%2Ff542ce404a2b9a406f05420b0f3d%2Flittle-shell-tribe-of-chippewa-indians.jpeg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
3eda4579dfee3b9b40ac6c7d9b09b0c19fa9a58a01b50903bbd3521e7a07cf52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 20:33:50 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
51303
ETag
4557f2f50b21715b028bb0d5cd89fdfc
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
7371
X-Amz-Cf-Id
l4sMuNMH4Ww99ftHbuUASYZoVMAwzD6EkJoqR-ub8cx-j3lb_-5ZaA==
Expires
Thu, 03 Nov 2022 20:33:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/f108db8/2147483647/strip/true/crop/658x90+0+0/resize/658x90!/quality/90/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/f108db8/2147483647/strip/true/crop/658x90+0+0/resize/658x90!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff3%2F09%2Ff0b3aa1145f6a03869375d00c9eb%2Fkbzk-wx-658x90.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
88ac99cf5b4d08578117d2bfe5e6957e7deeb2f2dfb5b563bd5dfa70d6dddef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 05:27:48 GMT
Via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
8745665
ETag
c682942997b053f26dae49427321648d
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
79205
X-Amz-Cf-Id
9Uc0l3geKc0o16SAbgwNWgZGNObNnheLDwUk37OwkPGDg8tYu54aRQ==
Expires
Tue, 26 Jul 2022 05:27:48 GMT
/
ewscripps.brightspotcdn.com/dims4/default/53a13c7/2147483647/strip/true/crop/2873x1616+4+0/resize/320x180!/quality/90/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/53a13c7/2147483647/strip/true/crop/2873x1616+4+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F3a%2F92%2Fb8f1123e436387a6c05182fb68de%2Fscreen-shot-2021-11-03-at-2.51.07%20PM.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
0f25d668e1f0efae9b6ae4917c10aacecefb101c2631c2495c295c078c782999

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 23:39:47 GMT
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
40146
ETag
8658cf10816d30c44a11180127bb46c8
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
105961
X-Amz-Cf-Id
d5hFxTWyiVZ53o4JiyPY_oD-BV_VKQgO76c-PSM3rPnzykUaxvrXZQ==
Expires
Thu, 03 Nov 2022 23:39:47 GMT
/
ewscripps.brightspotcdn.com/dims4/default/7ec2b1d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/7ec2b1d/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F4f%2F8d%2Fa754f3294facaf19f46bb63fe74a%2Fleaves.jpeg
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
591c79a74861a486cf616b4009a7f3f51c2fe74d7753b57057c8734fabfaf0be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 20:33:50 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
51303
ETag
36d7f16b61a18cbf0411e615d8c17850
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
16484
X-Amz-Cf-Id
xWCIybEgYzHO1O6Wf0m3ZdfHJAcXcS7ZxVoXTsa5jaoqVGLTqpZU8w==
Expires
Thu, 03 Nov 2022 20:33:50 GMT
/
ewscripps.brightspotcdn.com/dims4/default/8a9b247/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/8a9b247/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F43%2Fff%2F5b439bd542c38f5175b5a69d73c1%2Fnov3jet.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
a46a6691e8235b6ed692048c52d2ce23950b03e641f580773d4e2aff612d39ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 03:46:43 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
25329
ETag
9941356ffc17fa811e96de69ce72da32
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
142348
X-Amz-Cf-Id
qi3n5awIq-AEjQ2w-vbOtafP2MyhyhIQdcjq2eHjD1y6eXio3E3rkQ==
Expires
Fri, 04 Nov 2022 03:46:44 GMT
/
ewscripps.brightspotcdn.com/dims4/default/a94a278/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/a94a278/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F82%2Ff4%2Ffce1f4204f09a209425350ef2731%2F480x360-2021-vote-elex-results.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
8eba072934ef140a0c654e27c49d9519f497f1eedd710afd5536a127bacb7efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 01:53:50 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
118503
ETag
6ec8d52a89e12d0b7e3e726c576ed432
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA50-C1
X-Robots-Tag
nofollow
Content-Length
88045
X-Amz-Cf-Id
teGfmg-xGupv2Yqj5fscRaIxJuSDQyU3kYuerfmzLMg7RLjSovSibA==
Expires
Thu, 03 Nov 2022 01:53:50 GMT
sdk.js
connect.facebook.net/en_US/ 		266 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3fd78f5e4ff0b5f3085a5afcc622d483
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d8e9f41ac3fcbf42d8ebcf39f44424bca63b64e2b4ce78b31efaf860fd5dde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.kbzk.com/
Origin
https://www.kbzk.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6gdTzHHtZlT5YKTn0HWDDA==
cross-origin-resource-policy
cross-origin
expires
Fri, 04 Nov 2022 10:37:25 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76603
x-fb-rlafr
0
x-fb-debug
fn8b+iRiK7NA7s+3cV3MR7Gi+gdbOZ1ce/vknEQWgoMpHhTQodkp/DwMv83hkWxG7danBCevkfTa++YInRo6Og==
x-fb-trip-id
917726464
x-fb-content-md5
12c74c8674d8ccd6687959663e61dea2
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 04 Nov 2021 10:48:53 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b4ee2d64bb789d510850664c030e927c"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.kbzk.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:52 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.kbzk.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
6qy-3Phfh8czMsnIwIxJIGUoPOw5P1rR4v7NjJRKdW4xTiu5F5Gopw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
25330
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Thu, 04 Nov 2021 03:46:44 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Q1S7NmmePEGIb-DpFCWkDjwDD6s4L6CIQoxxUuYVAYwcNLoBGkfGRg==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXN39QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
2867
date
Thu, 04 Nov 2021 10:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 04 Nov 2021 12:01:06 GMT
activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
4394967.fls.doubleclick.net/ Frame 6172
Redirect Chain
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F?
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~o...
499 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXN39QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
71d73e73f8e4023d2f6761b86b15005137a9ca293d2504168a91a69c2f4b8ba9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 04 Nov 2021 10:48:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
395
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 04 Nov 2021 10:48:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
api.ewscloud.com/prod/scheduler/v1/com.kbzk/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.kbzk/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-32.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.kbzk.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 04 Nov 2021 10:48:53 GMT
x-amzn-requestid
9ee31499-906d-473f-876e-96d0dd4379cb
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
IRoXbEdBoAMFzSw=
access-control-allow-methods
GET,OPTIONS
x-amzn-trace-id
Root=1-6183ba95-53a747644969eda3430295e0
x-cache
Miss from cloudfront
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
pA12NeDEYm1YhXNPLftbgBZEEiy3p7otLUVibA0v7zyOyeyL-QcCTg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 02:25:55 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
30204
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9xW5IxRHIflfrhK8tl_9Jz3XwKSHIjeg4hz_zhwwczCcAI13Dwulog==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
gzip
etag
"4zy+3zXYb8Q7og5Af8HrBg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 11 Nov 2021 10:48:53 GMT
weather
www.kbzk.com/ 		66 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.kbzk.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
fad7e6ffd05ee5e470878f9f6b4832a1d01293ffad390da1ec014f12271f59da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:47:47 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
65
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
qFkMEzHr8GGz9F6EOEOFR2THbiPGKCqqBycsnnHc5T0RE9LvRS7fow==
breaking-news-alerts
www.kbzk.com/ 		57 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.kbzk.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
cc72de0f245622dcbe0041630fca90696289bfc68e48d32df0ef348e71c97710

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:47:47 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
65
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
wiWBJhSYjMUZQm6IkuAJgJ4Wq0Il_f3vS-yotWFS_eztumUZMAsEcA==
alerts
www.kbzk.com/weather/ 		56 KB
56 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.kbzk.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
dc38aede08e62b0d3eca05d5104766d07e9423895826589fb3b17fc03f6a1b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:47:48 GMT
Via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
65
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
hp7JSOA48Dw3VjLFuoNr6vPnbEU7pCK_gRUNO4vmp7sbQQ0vkBPsfA==
school-closings-delays
www.kbzk.com/weather/ 		52 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.kbzk.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-4.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
d3079b3dd8d512ab44f560d9f3ed1b9a5113a4c0f7419e3674dc3d6fd60add81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:47:47 GMT
Via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
65
X-Powered-By
Brightspot
X-Cache
Error from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
Content-Length
53470
X-Amz-Cf-Id
6jcroUBbUD1Q7StNePo9trCTrH5DKqzUmCZIe5eZOjkzW9fXED2sGQ==
/
api.ewscloud.com/prod/scheduler/v1/com.kbzk/schedules/current/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.kbzk/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-c7d2-dd00-a17d-d7fab2c90000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-32.fra60.r.cloudfront.net
Software
/
Resource Hash
cbe4e6e7cfa20bf6fe20de336b8e83ea4c6cf7e198842b578582b42518ce7a52

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
056a16ba-c9a6-4b1b-859d-7108081f2ca1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6183ba96-4e5c09195f24b00545a6b37c
x-amz-apigw-id
IRoXeH8DoAMF7rQ=
content-length
1756
x-amz-cf-id
kvgzX4Sy-5CqIFeY0WOCjo_ubQWrQdV4semfRM1B6xjG5mZ3ralYXA==
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXN39QC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 09:56:50 GMT
age
3123
x-guploader-uploadid
ADPycdsJz__tSRIMYNhTRH1IzGlzy6b5dwODWiWs0RwJl6M3N9YSyip2h4ckCOlrfZ2Gc2hKnB6QQ_LJ2zlmsAXnwdw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8946
last-modified
Tue, 12 Oct 2021 11:44:47 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1634039087734790
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 04 Nov 2021 10:56:50 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1636022933645&plid=77923835&idsite=kbzk.com&url=https%3A%2F%2Fwww.kbzk.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.kbzk.com%2F&sref=&sts=1636022933641&slts=0&title=Homepage&date=Thu+Nov+04+2021+10%3A48%3A53+GMT%2B0000+(GMT)&action=pageview&pvid=55613045&u=pid%3D35dda8b53cfc7922bb6e68f4224efb8e
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:54 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 04-Nov-2021 10:48:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v2
mb.moatads.com/yi/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&callback=MoatNadoAllJsonpRequest_54550491
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.206.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-206-72.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
206a1e1c186b9b5e3abc21d422dd59bee3b6bdd6076d2fd63f70c600f303a721

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"ff2e81f33f6d930f81940eeb05d993155421c356"
content-length
1443
content-type
text/html; charset=UTF-8
load_optional_tags
api.pymx5.com/v1/sites/ 		0
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9=
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
gY2X6TnxNaKtzuaw7RygnlHgbcbds2UWI4ftmf90s3gSHX3mZlKx9g==

Redirect headers

date
Thu, 04 Nov 2021 10:48:53 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1636022933785&ns_c=UTF-8&cv=3.5&c8=Homepage&c7=https%3A%2F%2Fwww.kbzk.com%2F&c9=
content-length
160
x-amz-cf-id
yp-sD81Ovzr5WZwV8UgxWIfgnkJyn02MT8bgFAuT2CG1VW-D1W4t1w==
clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9400:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
EqVxYzNBkMLoIheTLGnVsHoesYc_VCFl
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 15:57:11 GMT
server
AmazonS3
age
10
etag
"fc75b0aa31f555c7c7e2145d8789524c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Thu, 04 Nov 2021 10:48:48 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
2382
x-amz-cf-id
0GzEXNnUb6K2sBMp-np0Pbittt2t3RRB919VxYCOpXMRZ917Opz0Eg==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 04 Nov 2021 11:39:03 GMT
rules-p-cfh7-Kj7hw4Cs.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:29:14 GMT
content-encoding
gzip
age
1186
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Aug 2017 16:19:22 GMT
server
AmazonS3
etag
W/"021b7e04f30cea21812673c831b1b679"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
dMxcj6Ie-zSDj85CAl5Sme-sCFBqQSFzn9zMmLEyGn7WEVESTucVSg==
dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
adservice.google.com/ddm/fls/i/ Frame 48FA 		498 B
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Requested by
Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47fade98df084787c2ec689cb7516d04bee739e08a426d1c71a124ba3e39392e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4394967.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 04 Nov 2021 10:48:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
395
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-10036014-11&cid=822715628.1636022934&jid=711263860&gjid=320739647&_gid=956033741.1636022934&_u=aGBAiAAjBAAAAE~&z=1128526068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Nov 2021 10:48:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40066851-1&cid=822715628.1636022934&jid=709209503&gjid=1484745641&_gid=956033741.1636022934&_u=aGDAiAAjBAAAAE~&z=467464916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Nov 2021 10:48:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-29521121-4&cid=822715628.1636022934&jid=622859071&gjid=1020039197&_gid=956033741.1636022934&_u=aGDAiAAjBAAAAE~&z=123589693
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Nov 2021 10:48:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=652459614&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kbzk.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiAAjB~&jid=711263860&gjid=320739647&cid=822715628.1636022934&tid=UA-10036014-11&_gid=956033741.1636022934&gtm=2wgar0KXN39QC&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=827717363
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 15:12:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=652459614&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kbzk.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=709209503&gjid=1484745641&cid=822715628.1636022934&tid=UA-40066851-1&_gid=956033741.1636022934&gtm=2wgar0KXN39QC&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=1893603647
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 15:12:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=652459614&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kbzk.com%2F&ul=en-us&de=UTF-8&dt=Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=622859071&gjid=1020039197&cid=822715628.1636022934&tid=UA-29521121-4&_gid=956033741.1636022934&gtm=2wgar0KXN39QC&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&z=1174900779
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 15:12:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70567
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=967849930;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.kbzk.com%2F;uht=2;fpan=1;fpa=P0-647966089-1636022933847;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=967849930;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.kbzk.com%2F;uht=2;fpan=1;fpa=P0-647966089-1636022933847;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;ref=;d=kbzk.com;je=0;sr=1600x1200x24;dst=0;et=1636022933847;tzo=0;ogl=title.Homepage%2Curl.https%3A%2F%2Fwww%252Ekbzk%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F50998e0%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F50998e0%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F50998e0%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Csite_name.KBZK%2Ctype.website%2Cdescription.
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=kbzk.com&servname=ssp-serving-6585669d88-c7bh9&svr=110212_302_110212_270_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001636022933915032571668486139&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=0&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.kbzk.com%2F&kwrf=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.85.4.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-4-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:53 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 04 Nov 2021 10:48:53 GMT
dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
adservice.google.de/ddm/fls/i/ Frame BD67 		194 B
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLmbuq7E_vMCFUfCGwod9LUM6g;src=4394967;type=wftx;cat=pc_tt0;ord=5610770516878;gtm=2wgar0;auiddc=1910974252.1636022934;u1=Homepage;u2=Homepage;~oref=https%3A%2F%2Fwww.kbzk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 04 Nov 2021 10:48:53 GMT
expires
Thu, 04 Nov 2021 10:48:53 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
6d72693895a0f7a64ad32f06f39e80bc65dc66030a62d75942f7fdbeb2ab7906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1033 / 427 of 1000 / last-modified: 1636021954"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27325
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Nov 2021 10:48:53 GMT
pubads_impl_2021102801.js
securepubads.g.doubleclick.net/gpt/ 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120786
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Nov 2021 10:48:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		165 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kbzk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
3bb2339a956d7c8a791caf35075166ee38e430e2e44cf0670507092f7fbb0aa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107
x-xss-protection
0
expires
Thu, 04 Nov 2021 10:48:54 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.kbzk.com%2F&pid=xXIccNYc1fmze&cb=0&ws=1600x1200&v=7.70.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
9CPS5FW1VYMSNRTR2KCH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
dwW7WyuBKPnkb-_cuaWpBtqauTWi4qA1-efQDtBcgFOgYr2MJJxKvw==
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d762879367003d&pos=8a96941601797961e0d762925d4300b8&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0eea8c35812bd962fdd6f1c520e106f8640744e017fe08ec881317478e2654e8

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d762879367003d&pos=8a969c0301797961d75b62919d7b0078&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
69f4e11d0e468f4d27c97c5b8fd113afd11d66fbcce694163ce141b3416ddd10

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		482 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953800%3B1953798&size_id=2%3B15&alt_size_ids=%3B10&p_pos=atf&rf=https%3A%2F%2Fwww.kbzk.com%2F&tg_i.aupname=%2F6088%2Fssp.kbzk%26mad_inview%3B%2F6088%2Fssp.kbzk%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.kbzk%2Finview-bottom%3B6088%2Fssp.kbzk%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.kbzk%2Finview-bottom%3B6088%2Fssp.kbzk%2Fhome%2Flanding&tk_flint=dmpbjs_v5.11.0&x_source.tid=514f68f6-dbf1-4e31-b4f2-f52c3205f83b%3Bfebf5d49-944d-4a42-bd7b-3b080c398f77&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.6861857695703077
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
047accd83549b1dc65c4aa0032cc61279d64a4d8b8adf525e13e706e6c66dab4

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:54 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.kbzk.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
482
Expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		969 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=farez3yl&pi=3&maxw=728&maxh=90&si=112929&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.kbzk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.kbzk.com%2F&ns=10240&gpid=%2F6088%2Fssp.kbzk%2Finview-bottom
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d741914920a9e5d10ec1aa397f528064ddba12e719eef55082f3d7398120dd63

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.kbzk.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=farez3yl&pi=3&maxw=300&maxh=600&si=112928&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.kbzk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.kbzk.com%2F&ns=10240&gpid=%2F6088%2Fssp.kbzk%2Fhome%2Flanding
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0029270a52a7102b17cafcaa205596b0e2a2e74de61b8c3cd8a56b99314d19e5

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.kbzk.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v2
e.serverbid.com/api/ 		711 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kbzk.com
date
Thu, 04 Nov 2021 10:48:54 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
hb
ssc.33across.com/api/v1/ 		66 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a1f5PEBymr67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0bab1ba55fa1f1a9da74fce26d4775715943cbc915bd00b0d9d4bff7d9f78d7c

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aYudrsBymr67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ea7f41b307c48cb26d1ba7144fe8dacffbf302b141f215217a49edca23501c46

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
901c00b6d725dfe9be7dcf88438ec2cdfa352729f8275f58511cbb041ac87426

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
auction
tlx.3lift.com/header/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.kbzk.com%2F&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9d2fffa7319df502392e0c22b44136f8d55d026414f13418608ff1b1b1ec2792
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1360
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4ccdcfd374b5aabcd6b1f5c785dd9b39586ae98d89083c3742dda2aeccf86fac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 04 Nov 2021 10:48:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
71929cfa-093a-49c3-9e03-e0d1341aa655
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kbzk.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		172 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kbzk.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=514f68f6-dbf1-4e31-b4f2-f52c3205f83b%2Cfebf5d49-944d-4a42-bd7b-3b080c398f77&nocache=1636022934142&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.kbzk%252Finview-bottom%2C%252F6088%252Fssp.kbzk%252Fhome%252Flanding&auid=544041394%2C544041391
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
ee979f21f7ce25499f9d5dfae94f159acb26103e575eca9d827c04f3cc9529d4

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.kbzk.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.kbzk.com%2F&pid=xXIccNYc1fmze&cb=1&ws=1600x1200&v=7.70.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HOMEPAGE_SHOWCASE%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
CA6GKN67KRD4H1CZEMHW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
xGImmmMvwkvQeheDxjh9gNn3bU69Z2x3gNICol_QNyE5MJbVnisBJg==
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a79EQiBymr67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
970e0a2f25583cab4293946e65e7b64d80ea514d0a60773f9383a621ad012297

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.kbzk.com%2F&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kbzk.com
date
Thu, 04 Nov 2021 10:48:54 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d762879367003d&pos=8a96941601797961e0d762919e8b007b&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
083be818fb16436a5107dddb2e3033683bf7354a1ea596129a45a3d91a0c7df3

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.kbzk.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		139 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
151b6f033b62403e7e12c3db6fef5c1806a9cf6cbb363b8e5f44ac369dafaeb6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:54 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f5fe7f92-8ffd-4449-95dc-93077beefaa0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.kbzk.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=farez3yl&pi=3&maxw=970&maxh=250&si=112931&bf=970x250%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.kbzk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.kbzk.com%2F&ns=10240&gpid=%2F6088%2Fssp.kbzk%2Fhome%2Flanding
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b28e16360c5ab4cec5952793b20aa43e597098718ecda112ba4637fad4aefca3

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.kbzk.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
96225afa6083543c33954596eaf98781a02c7b8eced2e1e025b7b719e593a35b

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		381 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953804&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.kbzk.com%2F&tg_i.aupname=%2F6088%2Fssp.kbzk&tg_i.dfp_ad_unit_code=6088%2Fssp.kbzk%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.kbzk%2Fhome%2Flanding&tk_flint=dmpbjs_v5.11.0&x_source.tid=336710eb-c9bd-4e8d-84b9-47a2afa6e500&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10202311740214887
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c10ef063263d02c415ba92a7196cbc64e514a114dcdb5f6abff3f7e07b244253

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:54 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.kbzk.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
381
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kbzk.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=336710eb-c9bd-4e8d-84b9-47a2afa6e500&nocache=1636022934192&aus=970x250%2C728x90&divids=MAD_HOMEPAGE_SHOWCASE&aucs=%252F6088%252Fssp.kbzk%252Fhome%252Flanding&auid=544041399
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
2a26f20d5f3397171e7005c1a6fd20e24a01719c595134264c7dbc98c0b25e3c

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.kbzk.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kbzk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kbzk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=318207078957221&correlator=3901222787640320&output=ldjh&impl=fifs&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211104&iu_parts=6088%2Cssp.kbzk%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90%2C10x10&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C9%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3D1%26au%3Dhome%252Flanding%26refresh%3D0%26selector%3DMAD_NATIVE_1%26temp%3D30-39%26weather%3Dclear&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1636022934&dt=1636022934510&dlt=1636022933268&idt=832&frm=20&biw=1600&bih=1200&oid=2&adxs=70%2C250&adys=1228%2C1677&adks=3800686137%2C1933192736&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kbzk.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1460x30%7C740x0&msz=1460x30%7C740x0&ga_vid=822715628.1636022934&ga_sid=1636022935&ga_hid=652459614&ga_fc=true&fws=4%2C4&ohw=1500%2C740&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
58fa6855261beef5b9dd7d47f5b5fb520c4b8dc91e21d7d91a2f1c1ce3b4223c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11346
x-xss-protection
0
google-lineitem-id
5591618547,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339084553,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21118ccb721c42f3a801daddd65ee7da4292f178b26628353c346cf454584261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9327
x-xss-protection
0
container.html
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80C0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 04 Nov 2021 10:48:54 GMT
expires
Fri, 04 Nov 2022 10:48:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 04 Nov 2021 10:48:54 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kbzk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kbzk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=318207078957221&correlator=1318231447097651&output=ldjh&impl=fifs&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211104&iu_parts=6088%2Cssp.kbzk%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C8%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%7Ccategories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D30-39%26weather%3Dclear%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D478ef367f1f8047%26hb_bidder_appnexus%3Dappnexus%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x250%26hb_pb_triplelift%3D0.19%26hb_adid_triplelift%3D46e0a2739d312e7%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_adid%3D46e0a2739d312e7%26hb_bidder%3Dtriplelift&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1636022934&dt=1636022934628&dlt=1636022933268&idt=832&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C1622&adks=2599995707%2C4009991133%2C189308206&ucis=3%7C4%7C5&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kbzk.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&ga_vid=822715628.1636022934&ga_sid=1636022935&ga_hid=652459614&ga_fc=true&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&btvi=-1%7C-1%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
46d7e07d67b1d0cbfb5de16360dee008ac5715eeb3d29b446fe2fc5f4a6a52ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18183
x-xss-protection
0
google-lineitem-id
-1,-2,5591618547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,138339084550
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kbzk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EF6E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 04 Nov 2021 10:47:38 GMT
expires
Fri, 04 Nov 2022 10:47:38 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
76
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0DD2 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c1269349b837b9ba0e806dd43652799c7f13964b55e1c1d2749ab5bef757300a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8BirliY7xlk0QuQ4AS937g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 04 Nov 2021 10:48:54 GMT
date
Thu, 04 Nov 2021 10:48:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8BirliY7xlk0QuQ4AS937g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
pagead2.googlesyndication.com/bg/ Frame EF6E 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 10:12:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=318207078957221&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kbzk.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 4598 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea7fdea8bc13f2d8a65f79ea42af7bdf8fcde1538a64a79d5ef2069da769859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
4m.J19AallZbEZFxu2fgOm.83VjUF.32
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 18:53:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"f7f83899a340bbbe216a4c5699b0f409"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Thu, 04 Nov 2021 10:48:54 GMT
x-amz-cf-id
x8Cbbzk6UhAyrqp0ruYdAGS_xm4Yqc-HKRe35oOJBqs3tbiiGNMI3A==
moatad.js
z.moatads.com/ewscrippsdfp76939516016/ Frame 4598 		307 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
586648b9de49457eab52c5a10a04d5c2c08732570b2839e7b9971b89b3656efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 14:31:33 GMT
server
AmazonS3
x-amz-request-id
HBSRKACNB226AK30
etag
"520ba4c1d6e406200959c6dc671ba273"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25150
accept-ranges
bytes
content-length
106376
x-amz-id-2
FLvWi1TeqlktjZ83Wxsr1a+yp0JZfXNlpJV4VEGeAEPXIKq59hp1m22m4Pdw9nodCrO++uiHfV0=
8935939049860877927
tpc.googlesyndication.com/simgad/ Frame 4598 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8935939049860877927
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5eb53466565cc29d00bf8f71ad7af94bd5cd580281505fc07235cd45be5077fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 04:52:25 GMT
x-content-type-options
nosniff
age
21389
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62292
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 21:19:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 04:52:25 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/ Frame 4598 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:33:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4598 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37579
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635787520984751"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Nov 2021 10:48:54 GMT
l
www.google.com/ads/measurement/ Frame 4598 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_ZiWl8OD-dADwubOk5bn_ke85ttuH1zXxtQt2Pw2aGiRRuekCC-zfg7Oz9Z6HtXEgaHBI7dDknuapu_YY5gDx9q8ULw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 4598 		0
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=961379
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r9%2BVHOxTLnNQNTDR9q75kpVUsgqCfz%2FCNVYbaxpXck1vBoK7PkiSfrBKg83ZahnVga%2BGuwukAjozAkwoxhDWX%2FA7Jp3ByyxnJh2v6FZYQ8qvT35YbMkAfNdPLU4ryn864cd8K6QCGyW%2FEeA9CfO3q4BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a8d45cf3d420f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
FrRSMPtWdmG5fqAJhNSi
c4a01b03-0cd9-4870-a5df-eb57341c81dc
https://www.kbzk.com/ Frame 4598 		770 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kbzk.com/c4a01b03-0cd9-4870-a5df-eb57341c81dc
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
770
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 4598 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzYdnqheHE3aXrd0Kqvpg_ggPoROVoOJhSJS6s-GcSCpf40U5Gi8bnreFLVbVM2nlLtYErPUHOLeIQy73oV9PSlFpS9BM9Rsn_dzWlq1p8oWnLeHquoz_8Q-Dfoncms_v_BKb-819FWdhd0zc473tV3bgV0OM3zucufsDvPlVoux1zLjKGIbTxfnQDVyhOIRynSG17Ygb7qfS0L0zVyMx9elc_cKXTukJMrCCqu6EiyQvCb0A7qmpi7TrPIIAUPPuWJ2NCfs7C5MhaQ0B9sN9PbHj0DmxGbDcHpdXcE8b42v3gUPQZl0FNDCs&sig=Cg0ArKJSzCL1IwXKMGOWEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=318207078957221&bg=!9_Sl9LDNAAYH3anuB907ACkAdvg8WppoFSpinv9GkNaGgfzXUTsIU20OKPmnffphVtGepEF1oGNq7AIAAAB3UgAAAAloAQeZAr3tcP0mGvsMs4JMWr4tXmXdJ8xlahdO6lylJ2YfFIjijy2jUL6laqUg6B-01ieTT5gPD_CWoNSY3KKkbnm5P6BeG8A_oBQaoMy3oxvSz_Nclm3601WnEmRkwYD0_BV-rvW4CvxR7tUx5bMqnQ91-hqiDp9g5HjhROJXXrea8BIW_d-IU-pirRL5jXt86WGfb0AQKicj6N16RCRNap-7nP0XHDXYBGJkePnAOSngoSQioGwGAAV8KX10JDoXthHYOYDKOLlevHOhwHH4jY8t2vfriESQYAMGgSp_6syDpu4k17r8vICQ-Px-iMdPUKXlKDmgeYyNZT09gRMe-BfE2kHouQNOPWGtDUieZkeiV299mRDHfoIogARHuM6BvkPlbN_rQpVUHic6GE6hXhyFvhkNzH6rFExlco8QxsYaK10xNcUROyjBOsU8NkyKA6s1B6wL33Iw_vmuSRMQcxM4RY4b0XhpjoREthItOzfcnFQ9z7ZeigaMZaqohmVTcZFw90XtpM8WuRwKMUUshoaeY7vKRIHBQT5DdcPJvDixCOS0jmjvro8INJN1c7mXemMbEi1KbD-TSzqXSenow9d1R5OGMn4MqbqyV5Zz2TOwfzv-T9_gzNWkW3SJsa7X4sgd4Kj3A29U0ScBiWSbDq008qljeLceMMTqT3_wnexfCLkMQJ2DVWuPA1cFV5pvARs1ZPrSr4IwVf48QRasq2lHBU9RSAQkPDp4weYG1Vr7UkomI7rVU4CgxmEmLfvC11eT2V1vX8wptHVhaovfSlgooKFSGOUgnctG19ajC_vj7gU7DPBa3YuXgjvlyviWRvpnUCB6iXoy-F8OYjeOM0uNGUtwqL9ufBrGWJf-Mw3xh9gXy6P2Wv6LB2K0wbAbjCNw9LN_8-jODT6aPptZ8rMIeX0XdVxU0J3_7_BNtM7l3Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4598 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXb_XbFScKqWjjNubrnlxV4N5Sjs-Ng8aYXn5pfsxnTSaXzR9RGi2qDhE5EzCbqn5BeTZ8XwypzguhdTR0jJIAsIApJPI9ZXxUm-TfDeHn7aV3terI2kGSZntiDAn2q3_-xyL3LRKaGsvPNbTAK_4U6o1aZHoAgM8BdFVKoZIfp7GxcXsxMXDskAgRS75q9SsBjAXsy9n-JbhZeFuc1-ZfBK4bl0EkB93DDbp_6oq70q0Yrj42Zl7yieKCyzko2ke4G6lBwKfO3OTw26PmiIH14iEBT0J5dMChJvtADCduAadglTN4OHBjp2rg6w&sig=Cg0ArKJSzPoAzAotWcG7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 04 Nov 2021 10:48:54 GMT
truncated
/ Frame 4598 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebfddb3e4e47eb00a0472027890d814d9f807f87138d308c7a15a0ebed22ee44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
container.html
23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 424B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 04 Nov 2021 10:48:54 GMT
expires
Fri, 04 Nov 2022 10:48:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.kbzk.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 4491 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea7fdea8bc13f2d8a65f79ea42af7bdf8fcde1538a64a79d5ef2069da769859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
4m.J19AallZbEZFxu2fgOm.83VjUF.32
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 18:53:00 GMT
server
AmazonS3
age
31
etag
W/"f7f83899a340bbbe216a4c5699b0f409"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Thu, 04 Nov 2021 10:48:54 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_y2odxjneEicxD0ENcP-vogAcJaKU_v2syDNWmWA6p0iEDRf-A_oNA==
moatad.js
z.moatads.com/ewscrippsdfp76939516016/ Frame 4491 		307 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
586648b9de49457eab52c5a10a04d5c2c08732570b2839e7b9971b89b3656efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 14:31:33 GMT
server
AmazonS3
x-amz-request-id
HBSRKACNB226AK30
etag
"520ba4c1d6e406200959c6dc671ba273"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25149
accept-ranges
bytes
content-length
106376
x-amz-id-2
FLvWi1TeqlktjZ83Wxsr1a+yp0JZfXNlpJV4VEGeAEPXIKq59hp1m22m4Pdw9nodCrO++uiHfV0=
17610744780265951874
tpc.googlesyndication.com/simgad/ Frame 4491 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17610744780265951874
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e0b75cbcb19e1ae15a216d5318ca1bcd794a07aab3980c0f3b9ee1aecf540c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 20:37:35 GMT
x-content-type-options
nosniff
age
51080
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78083
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 21:19:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Nov 2022 20:37:35 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/ Frame 4491 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:33:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4491 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37579
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635787520984751"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Nov 2021 10:48:55 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1636022933726&de=219647409754&rx=758742001040&m=0&ar=553ffc12ef5-clean&iw=aa17278&q=2&cb=0&cu=1636022933726&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&pe=1%3A479%3A479%3A1135%3A464&fs=195402&na=1278489306&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:48:55 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.kbzk.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 04 Nov 2021 10:48:55 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 4491 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=803918
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhL6H6rXdteEvikLabCRP8Yu4njsILFw3EPdy3duytdirpQ7l67swmPwevBs%2FqDk9vGAl0baf%2F7ym331Ls%2Ft2NveGbbfrW0EPR80bKhJb2pTIDK6Ht53fjsyHT6PaeJ%2F9%2FPi4b8zoXymJ9yFKrrpyKIz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a8d45d26d0b0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
FrRSMRoZATzobUAJou_C
3faa2cb2-fadc-437d-b6f9-389b67290046
https://www.kbzk.com/ Frame 4491 		770 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.kbzk.com/3faa2cb2-fadc-437d-b6f9-389b67290046
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
770
Content-Type
application/javascript
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 424B 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea7fdea8bc13f2d8a65f79ea42af7bdf8fcde1538a64a79d5ef2069da769859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
4m.J19AallZbEZFxu2fgOm.83VjUF.32
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 18:53:00 GMT
server
AmazonS3
age
31
etag
W/"f7f83899a340bbbe216a4c5699b0f409"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=300, public
date
Thu, 04 Nov 2021 10:48:54 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EQ9uQEZS2up_VDSsXs40cJJy2Z4_lfuhj_vjVUd5PizNe8O27CV-Qw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 424B 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CY9dAXFmq0djyaCDPgWgviBVvu3Htukf8rJe9GDottbplp-AOCDCAs6_eJvgUcaeSF14PBxd50glfeZHxwT-fG9P3oIPyDfDd4_k74idXAu4c1EP4
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/ Frame 424B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/window_focus_fy2019.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:33:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 424B 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37579
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635787520984751"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Nov 2021 10:48:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/ Frame 424B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211101/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6c5104f1b12a782a5771bc1b99e5dad3ddc3c1c1e84f64b25f9a510c902b7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6338
x-xss-protection
0
server
cafe
etag
5080151685228361234
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:39:17 GMT
l
www.google.com/ads/measurement/ Frame 424B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuUgIjFs5AyGkgAw_KFFtFGW6YPFFYw1sHwzJDiq3SG_XKbPuQkFmPGvb5t6lfO9YDbONcqL1GonsCo33Qo2yAOuEDoA
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 4491 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLxZLf9w4LGy6wqvlN_usGB_qXveINcA-i9Kn07_0FwRS26ZyMJB0crr8ACpvV6K-MNH05f0BdCax9dPHVAsewLj5yFPrPlFikkJiTwvAjYnHIwxHnrNuNyqxIyqbFgxl9WdK26D4Mriz8P4H2J_KHPWo3EQFQ8wGNijVFpSIQ-Ur1RZqKhff1SR3sHerw77y6kW-n5om9NWoqm0vkUX8sOJWiRiQnxmLKinetGg3XOF8e-BfLj_33p7gLNuVTMGCuq6IuzipOcgGvUPie1tY35RxFl-JpdrREpdyaKhIbRXU17GheIT9Wzs8&sig=Cg0ArKJSzA5XX4e522GXEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 424B 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=303816
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dXSSGea1Uq3zE%2FQxmQXi6xtIuuAVTPdoGnz2GR5AA2scL2%2F%2Ba9YuyVQccGZxLuIWqn%2Bvcq2x4tASZVreMSFYaylj437b3%2FZ%2FXGjWt5Lu6GS5zfCicduJP6qOWxFVZVU9Zya1bowFe6NZDXmSWMTxylKcA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6a8d45d26d0d0f82-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-request-id
FrRSMRnGGxL98_0Ji0Ei
view
securepubads.g.doubleclick.net/pcs/ Frame 4491 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT_C4LLTTb9Ir3s1BRwovzWYvCyp5G9GDjH-m8KrgjRqWicBbrd2xQCqWSxvUNQww3i3WsTWDS1jj6c2LEeoIrgEaM8ckMKOAO-tNc4NCioCcn_o4cTL-cT9at2AgGvzQh6qc64Gbbwhm5R_aQXOYbzExB3gtOzdTPp-Fg31TUCZXTN9wc8mzMuJa_gVUe2e50XCTsLk7jNbJ3nZBRgXL7ebvbLWn9uv1HCcJcjV9WeJRzqQAX7IUUUaz62vwkiUiPfs1qEi5qYLv6VIEfJ9TORRVNHpnz7Me7dvEuLeC2vGPZnlev6pYbKsT8Sw&sig=Cg0ArKJSzD0yo0uKd07BEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 04 Nov 2021 10:48:55 GMT
truncated
/ Frame 4491 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f19342be97ccffeeb596b9f058b89ca122374959d9244f19203d2c0ef9018cee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
fab13b4c-3a5b-4e31-8de7-258d512fff24
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/ Frame 424B 		770 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/fab13b4c-3a5b-4e31-8de7-258d512fff24
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
770
Content-Type
application/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9638 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 04 Nov 2021 10:48:55 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 424B 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfGdau4L0Rb12VMUh2u4P6kJ5B8X8DrfM6vgVb1vwk8EUyQ4BPJId2rDYRB4sUifFyDPvAO1vNTit9InH4JpD7qLHIaSMWObcQ0T-BM08-hSZEa9ngnJDd7K3NoqFJC33nl8SlvqDdGtjt-lgE7KlZI0DGhA&dbm_d=AKAmf-CDwwW5IXeu25XU5MqYf52flvz9xcHuoLg8htBFSKq2vYy4_5dlQIGlh17DBxOGCpJX3mmuZ2AoKoaYLSXrUVdCMzQ9rIibDGyZLjAphEIgWNnwu6us1M0xiKj3BTrlYhKG0-RVzvDUxINCwwhUZxBZFXeE0V15xLr1yaglqocowDtCXfLQvFn7Nds80Nfp7cnWK8mT3icmdEv9MVUzhcNjBCzRv-QQxitcZQC2lKB0rYHSyo9IQQacXVPMTsRYFXsqqJK81LVU3U6K2hyW5qjvWtfHA-hVpPzeaR5fvlDnxsLABFgqdHlWokhuY1seBorBT6-RLuZguQBCduLX8IJhgzlOAqUY8Ean_hoA0FVdvBLU9_zQ19ylv0P-TSV0G3rpsuZ2bDN6ePP_hON08O1QHZLxtwRMAFB9sN9KW4KZxfBWsgE1f473qCRo9R1PaXX_NqcDOrPkBj3D5RPtNxpupeqa-GbdE9e4BEQfGRjrIZpkGpPD2-x_ZVMpZavl-ZIvN43PPPOadD4kzMG2ZYeYaw5RJrnfR4w2MfGPMKSDjN1NveMa_U9sNdhvZ-OyBfhj2nvQLSs5xCt4_avDGMWgrTuVh86dnTCYQJz5j-1x1dQIGZFp3nlWsfNGYXJ_IKWJl2x6jyOug37oetzECaCGvYYVMPBMC4QgU-J0wd9zRoQ6DlhmwGOnIs0edXfK4McN2HZuOBVMVxsiUIfkyncOzEBdYPU21eJybI7QeJdKvFUBsz2CSM--k_mJZfWyb0WgBJBTig9hI9IxHbWLuJ19Ki5OZiKC-ypc026ySiekQUMIFEA7AtuqSNxRAuHROjh7JQhgWVV39trdAsMhSMVHe9Oz9VMiAwK_UWlAGLMGQbDAEJfvl-BWHZQG9co8MUipxDCWiDVUOT5mHI3aVIyvsuiuRjbuNgTDI1oRI2qamjAWWSyM4nBJPl8ZJYys4QC0zf0MTiVLAn0dcQp5RBRKrdu0sCUXc1E06qPgQrCydfJxOIXGkk9ZED49CtsiwZcjBGn2IPZoMpFzU4VqQpD4ZAbmJxFfE_mp8kEzyBCwQ2xuK_-S4JNllPJ8GHZ6cu9OcvEuHaJT3FEDngf1uNk79XeEk2a4wcz2s149fQbTr3WdeEAvtAgaNJxZxCPGyFVvBnTqmLOFSK_XNkD_FO3fuFqMp9hXbsj1HeGYevrKYK-9jMTQNwgyjXK6-GvcVauDqT_CrdUT-uvNCrmUgeJ-uOGaPO5suklbiK-Mv1RcTDVMpm6uHOqtFe1gJzQSJ6s7e8i-TUx93CvSxf1d7Cd0wTEjkyHDGsEMWeG61xKxsaAfCp6knpcNzWee8vBYKUf13v9TROagOhv8Td-aKVQM5iUFfarBZqRDkb8mppHOaqBeVzvPwdd07PiHn8fpzg9xozJpnPFrK70LCzmKEJP0uxvjXUcGLTJ_4J0NwX4lL3s44DfGOoA5GO9SPcYhCrYqPuLFRsi1jLJsJtGEOaZvca8PrLwhGzUi7NKCKx9oydMoHv-V2-RXdJX8fsBvm53_v99oYG28aocm-LYRcPeGR8GKfw5rcvqUiLq16sSNO7k0kBTeX1JXvBOROj_Pt-VShCZogPNmAIP8KylZnOCBksvDRTNWwfwqxMWFLnRP0Cugo4_kLAZRF_SF6cfG6Q0u5UB08h-3Bm4RkgipPXSp5kHrJWZWBhYLLjfjxSkmm024QgVUyLWBHqk7z1VeR0wYTddf-JMcfVflQm8o5xZQi1c-UIsxBecBIguTcS9ZWaJ7ZOxygT5207HiyKr2iuVPlcop88FP4xZumWCan81KCCZi5RtVCTbjheacjur0BwMemeuhlvQ2vVR9Zb5Ld0I2QkLjPJkjPuKllAx0vEhilV8fYXor4eupc4xiNBwShY5GeAlv4KyQVPhUSjqvzAJEJoTgqXBTzk5S5FK2Oi78mbDurVW4Yv1eMJmXNiJB5LyN-BgQ1pW7dIOR9lsIzqalbGxH68v0wbKTinT_RKGmmUGJyXBInPA3kMSFMOKlH2XzJmb7aZS0XvNNKWMhUyDaRj7OQO3Pi0tY-PQVpwa41fGE5MMmCBhAlY0JEV4g3FQ4A4sb0BqmEKYFIOeahGC_edpZRRKUkMOecs_Ng2NnMjJKFfHHQizRoZtsuL_oaEcaLOvMe9KIvaujQZTzPYBMCsRsNxZ15jrtOT7sOuaVDVhg9UPS-qoqBHk0sa7HsrjyhEJAjKtu1bxqOHHiI8WMemoCgseHTPdyYb1w89orfIG7Voi1yMKjnJC1NavntcCfqgqpS4d0az8AmK786hhSgsY6PBHYtapWYp2hmCULUulYcBR02sGwtgkYcbReI_64TYdKLL6QRWbiiAVnlqzt2LXjhHG56BUrQjLfgwpvtpQLRs4D5UZLcGEyCwJjfws8x99WHUyJ_RW-SLuZuL0KkieJBvzbeOMKq7WpJNpbstmM10YdpTlK7QFWvb9uEWsdbNkr-v2eWfij7GwztI5AF3BLLwSHlemuT8XEpLBhJcBTZn4fEx0jDX0UF1UTs3Mklnybm9zwxepd-DniC7P01qSaTfPH97eb-ExwFPv7D1nv2tH_dvHI64ukUPu16nlBr9KuJ8n_m1XbpOHn7u6Z_dqSsDRuwPpCnbsoYBO7gGS4B-P4eLplcKLDCU0Bj7JyTZaQVhXpUcczCA-I4tlS4UCmeeJxUJEsl2jsnTs-qCwLRk6TdMvaQvlboMnVQYmgMjL_YVcJfPr09wzNKfhKNAsPvcf3rx4uiHDgE10dMC7Su5-o69XeCPGdYwYzc_R4EG5e09s7Mfc-ybLOxGDOPszCBAeYx0KJ9Hf1kxjrEEOnX3Qjc2pDYWbvHxIrbJA1M89wnAh6hqf5aClSOx04Vg3kLs65gBXBSjHhD65TmtbHFw1L1blzmjCfjcTKAfr_GyIuru1zkTrvywsNGZWql8icH3Maaxv_iqj3WHIl3jsZs9LNYBrjYkGjgq2PMd0y1Ll1IHjQMz0QtqP8rD-Vnw5TzOa38MIruLRSpzDlcGQWk4m5eDCohWmd_kAEDNnh2UdxJPS3kC_1KPVDBDGmZ_p1YMpyLerdkzOhP1eJn_zu8g&cid=CAASEuRotVb4OVkgTTd6nQC5GIqJ9w&rfl=1%2Chttps%253A%252F%252Fwww.kbzk.com%252F%240
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a0e0d4b34445b03b1045bd16fc0a673daca3e85fe1f50100f27f69c02bf8ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32681
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9638
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Nov 2021 10:48:55 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 04 Nov 2021 10:48:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 9638
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYO6l0uAjJshze3D3J50PgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 04 Nov 2021 10:48:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOkKKvvtMtzC-AZ9z6rxQbQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9638
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEM3YCtmCx4bBgb7MgcjHMsg&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEM3YCtmCx4bBgb7MgcjHMsg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
750475c4-8a8f-420f-ba97-f2a579354bfa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEM3YCtmCx4bBgb7MgcjHMsg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9638
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzk0Mzg0NjgwNjMzNDM4MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzk0Mzg0NjgwNjMzNDM4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjU8am3ATAB&v=APEucNW8ADdXDzB6IfRaQfK5dZqVumCTYthfSe1MS4xcPnHkyCDDVAv0WSE6XY7YnOCl_r05Bpo8l40PN0vm6l5rXQEiSxbErpPe_zf4RjQCs5F1SuIPfX2JoVgrMVOlvoy6SyBvmpsH0UYINa5YIOg8Gyfk6KRY7VV5wgHo4JC_aNSKX8GKOVA
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb97b6ee-39b2-43c6-8661-6e5823462a65
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzk0Mzg0NjgwNjMzNDM4MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/769474/57701840/ Frame 424B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/769474/57701840/skeleton.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.159.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5cff0dbe8614f54efa84b26d658e3806ee99fdeffab9da33034319d05c8321cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-server-name
app05.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 424B 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
Origin
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Nov 2021 05:32:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/elements/html/ Frame 424B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfGdau4L0Rb12VMUh2u4P6kJ5B8X8DrfM6vgVb1vwk8EUyQ4BPJId2rDYRB4sUifFyDPvAO1vNTit9InH4JpD7qLHIaSMWObcQ0T-BM08-hSZEa9ngnJDd7K3NoqFJC33nl8SlvqDdGtjt-lgE7KlZI0DGhA&dbm_d=AKAmf-CDwwW5IXeu25XU5MqYf52flvz9xcHuoLg8htBFSKq2vYy4_5dlQIGlh17DBxOGCpJX3mmuZ2AoKoaYLSXrUVdCMzQ9rIibDGyZLjAphEIgWNnwu6us1M0xiKj3BTrlYhKG0-RVzvDUxINCwwhUZxBZFXeE0V15xLr1yaglqocowDtCXfLQvFn7Nds80Nfp7cnWK8mT3icmdEv9MVUzhcNjBCzRv-QQxitcZQC2lKB0rYHSyo9IQQacXVPMTsRYFXsqqJK81LVU3U6K2hyW5qjvWtfHA-hVpPzeaR5fvlDnxsLABFgqdHlWokhuY1seBorBT6-RLuZguQBCduLX8IJhgzlOAqUY8Ean_hoA0FVdvBLU9_zQ19ylv0P-TSV0G3rpsuZ2bDN6ePP_hON08O1QHZLxtwRMAFB9sN9KW4KZxfBWsgE1f473qCRo9R1PaXX_NqcDOrPkBj3D5RPtNxpupeqa-GbdE9e4BEQfGRjrIZpkGpPD2-x_ZVMpZavl-ZIvN43PPPOadD4kzMG2ZYeYaw5RJrnfR4w2MfGPMKSDjN1NveMa_U9sNdhvZ-OyBfhj2nvQLSs5xCt4_avDGMWgrTuVh86dnTCYQJz5j-1x1dQIGZFp3nlWsfNGYXJ_IKWJl2x6jyOug37oetzECaCGvYYVMPBMC4QgU-J0wd9zRoQ6DlhmwGOnIs0edXfK4McN2HZuOBVMVxsiUIfkyncOzEBdYPU21eJybI7QeJdKvFUBsz2CSM--k_mJZfWyb0WgBJBTig9hI9IxHbWLuJ19Ki5OZiKC-ypc026ySiekQUMIFEA7AtuqSNxRAuHROjh7JQhgWVV39trdAsMhSMVHe9Oz9VMiAwK_UWlAGLMGQbDAEJfvl-BWHZQG9co8MUipxDCWiDVUOT5mHI3aVIyvsuiuRjbuNgTDI1oRI2qamjAWWSyM4nBJPl8ZJYys4QC0zf0MTiVLAn0dcQp5RBRKrdu0sCUXc1E06qPgQrCydfJxOIXGkk9ZED49CtsiwZcjBGn2IPZoMpFzU4VqQpD4ZAbmJxFfE_mp8kEzyBCwQ2xuK_-S4JNllPJ8GHZ6cu9OcvEuHaJT3FEDngf1uNk79XeEk2a4wcz2s149fQbTr3WdeEAvtAgaNJxZxCPGyFVvBnTqmLOFSK_XNkD_FO3fuFqMp9hXbsj1HeGYevrKYK-9jMTQNwgyjXK6-GvcVauDqT_CrdUT-uvNCrmUgeJ-uOGaPO5suklbiK-Mv1RcTDVMpm6uHOqtFe1gJzQSJ6s7e8i-TUx93CvSxf1d7Cd0wTEjkyHDGsEMWeG61xKxsaAfCp6knpcNzWee8vBYKUf13v9TROagOhv8Td-aKVQM5iUFfarBZqRDkb8mppHOaqBeVzvPwdd07PiHn8fpzg9xozJpnPFrK70LCzmKEJP0uxvjXUcGLTJ_4J0NwX4lL3s44DfGOoA5GO9SPcYhCrYqPuLFRsi1jLJsJtGEOaZvca8PrLwhGzUi7NKCKx9oydMoHv-V2-RXdJX8fsBvm53_v99oYG28aocm-LYRcPeGR8GKfw5rcvqUiLq16sSNO7k0kBTeX1JXvBOROj_Pt-VShCZogPNmAIP8KylZnOCBksvDRTNWwfwqxMWFLnRP0Cugo4_kLAZRF_SF6cfG6Q0u5UB08h-3Bm4RkgipPXSp5kHrJWZWBhYLLjfjxSkmm024QgVUyLWBHqk7z1VeR0wYTddf-JMcfVflQm8o5xZQi1c-UIsxBecBIguTcS9ZWaJ7ZOxygT5207HiyKr2iuVPlcop88FP4xZumWCan81KCCZi5RtVCTbjheacjur0BwMemeuhlvQ2vVR9Zb5Ld0I2QkLjPJkjPuKllAx0vEhilV8fYXor4eupc4xiNBwShY5GeAlv4KyQVPhUSjqvzAJEJoTgqXBTzk5S5FK2Oi78mbDurVW4Yv1eMJmXNiJB5LyN-BgQ1pW7dIOR9lsIzqalbGxH68v0wbKTinT_RKGmmUGJyXBInPA3kMSFMOKlH2XzJmb7aZS0XvNNKWMhUyDaRj7OQO3Pi0tY-PQVpwa41fGE5MMmCBhAlY0JEV4g3FQ4A4sb0BqmEKYFIOeahGC_edpZRRKUkMOecs_Ng2NnMjJKFfHHQizRoZtsuL_oaEcaLOvMe9KIvaujQZTzPYBMCsRsNxZ15jrtOT7sOuaVDVhg9UPS-qoqBHk0sa7HsrjyhEJAjKtu1bxqOHHiI8WMemoCgseHTPdyYb1w89orfIG7Voi1yMKjnJC1NavntcCfqgqpS4d0az8AmK786hhSgsY6PBHYtapWYp2hmCULUulYcBR02sGwtgkYcbReI_64TYdKLL6QRWbiiAVnlqzt2LXjhHG56BUrQjLfgwpvtpQLRs4D5UZLcGEyCwJjfws8x99WHUyJ_RW-SLuZuL0KkieJBvzbeOMKq7WpJNpbstmM10YdpTlK7QFWvb9uEWsdbNkr-v2eWfij7GwztI5AF3BLLwSHlemuT8XEpLBhJcBTZn4fEx0jDX0UF1UTs3Mklnybm9zwxepd-DniC7P01qSaTfPH97eb-ExwFPv7D1nv2tH_dvHI64ukUPu16nlBr9KuJ8n_m1XbpOHn7u6Z_dqSsDRuwPpCnbsoYBO7gGS4B-P4eLplcKLDCU0Bj7JyTZaQVhXpUcczCA-I4tlS4UCmeeJxUJEsl2jsnTs-qCwLRk6TdMvaQvlboMnVQYmgMjL_YVcJfPr09wzNKfhKNAsPvcf3rx4uiHDgE10dMC7Su5-o69XeCPGdYwYzc_R4EG5e09s7Mfc-ybLOxGDOPszCBAeYx0KJ9Hf1kxjrEEOnX3Qjc2pDYWbvHxIrbJA1M89wnAh6hqf5aClSOx04Vg3kLs65gBXBSjHhD65TmtbHFw1L1blzmjCfjcTKAfr_GyIuru1zkTrvywsNGZWql8icH3Maaxv_iqj3WHIl3jsZs9LNYBrjYkGjgq2PMd0y1Ll1IHjQMz0QtqP8rD-Vnw5TzOa38MIruLRSpzDlcGQWk4m5eDCohWmd_kAEDNnh2UdxJPS3kC_1KPVDBDGmZ_p1YMpyLerdkzOhP1eJn_zu8g&cid=CAASEuRotVb4OVkgTTd6nQC5GIqJ9w&rfl=1%2Chttps%253A%252F%252Fwww.kbzk.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:46:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/ Frame 424B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfGdau4L0Rb12VMUh2u4P6kJ5B8X8DrfM6vgVb1vwk8EUyQ4BPJId2rDYRB4sUifFyDPvAO1vNTit9InH4JpD7qLHIaSMWObcQ0T-BM08-hSZEa9ngnJDd7K3NoqFJC33nl8SlvqDdGtjt-lgE7KlZI0DGhA&dbm_d=AKAmf-CDwwW5IXeu25XU5MqYf52flvz9xcHuoLg8htBFSKq2vYy4_5dlQIGlh17DBxOGCpJX3mmuZ2AoKoaYLSXrUVdCMzQ9rIibDGyZLjAphEIgWNnwu6us1M0xiKj3BTrlYhKG0-RVzvDUxINCwwhUZxBZFXeE0V15xLr1yaglqocowDtCXfLQvFn7Nds80Nfp7cnWK8mT3icmdEv9MVUzhcNjBCzRv-QQxitcZQC2lKB0rYHSyo9IQQacXVPMTsRYFXsqqJK81LVU3U6K2hyW5qjvWtfHA-hVpPzeaR5fvlDnxsLABFgqdHlWokhuY1seBorBT6-RLuZguQBCduLX8IJhgzlOAqUY8Ean_hoA0FVdvBLU9_zQ19ylv0P-TSV0G3rpsuZ2bDN6ePP_hON08O1QHZLxtwRMAFB9sN9KW4KZxfBWsgE1f473qCRo9R1PaXX_NqcDOrPkBj3D5RPtNxpupeqa-GbdE9e4BEQfGRjrIZpkGpPD2-x_ZVMpZavl-ZIvN43PPPOadD4kzMG2ZYeYaw5RJrnfR4w2MfGPMKSDjN1NveMa_U9sNdhvZ-OyBfhj2nvQLSs5xCt4_avDGMWgrTuVh86dnTCYQJz5j-1x1dQIGZFp3nlWsfNGYXJ_IKWJl2x6jyOug37oetzECaCGvYYVMPBMC4QgU-J0wd9zRoQ6DlhmwGOnIs0edXfK4McN2HZuOBVMVxsiUIfkyncOzEBdYPU21eJybI7QeJdKvFUBsz2CSM--k_mJZfWyb0WgBJBTig9hI9IxHbWLuJ19Ki5OZiKC-ypc026ySiekQUMIFEA7AtuqSNxRAuHROjh7JQhgWVV39trdAsMhSMVHe9Oz9VMiAwK_UWlAGLMGQbDAEJfvl-BWHZQG9co8MUipxDCWiDVUOT5mHI3aVIyvsuiuRjbuNgTDI1oRI2qamjAWWSyM4nBJPl8ZJYys4QC0zf0MTiVLAn0dcQp5RBRKrdu0sCUXc1E06qPgQrCydfJxOIXGkk9ZED49CtsiwZcjBGn2IPZoMpFzU4VqQpD4ZAbmJxFfE_mp8kEzyBCwQ2xuK_-S4JNllPJ8GHZ6cu9OcvEuHaJT3FEDngf1uNk79XeEk2a4wcz2s149fQbTr3WdeEAvtAgaNJxZxCPGyFVvBnTqmLOFSK_XNkD_FO3fuFqMp9hXbsj1HeGYevrKYK-9jMTQNwgyjXK6-GvcVauDqT_CrdUT-uvNCrmUgeJ-uOGaPO5suklbiK-Mv1RcTDVMpm6uHOqtFe1gJzQSJ6s7e8i-TUx93CvSxf1d7Cd0wTEjkyHDGsEMWeG61xKxsaAfCp6knpcNzWee8vBYKUf13v9TROagOhv8Td-aKVQM5iUFfarBZqRDkb8mppHOaqBeVzvPwdd07PiHn8fpzg9xozJpnPFrK70LCzmKEJP0uxvjXUcGLTJ_4J0NwX4lL3s44DfGOoA5GO9SPcYhCrYqPuLFRsi1jLJsJtGEOaZvca8PrLwhGzUi7NKCKx9oydMoHv-V2-RXdJX8fsBvm53_v99oYG28aocm-LYRcPeGR8GKfw5rcvqUiLq16sSNO7k0kBTeX1JXvBOROj_Pt-VShCZogPNmAIP8KylZnOCBksvDRTNWwfwqxMWFLnRP0Cugo4_kLAZRF_SF6cfG6Q0u5UB08h-3Bm4RkgipPXSp5kHrJWZWBhYLLjfjxSkmm024QgVUyLWBHqk7z1VeR0wYTddf-JMcfVflQm8o5xZQi1c-UIsxBecBIguTcS9ZWaJ7ZOxygT5207HiyKr2iuVPlcop88FP4xZumWCan81KCCZi5RtVCTbjheacjur0BwMemeuhlvQ2vVR9Zb5Ld0I2QkLjPJkjPuKllAx0vEhilV8fYXor4eupc4xiNBwShY5GeAlv4KyQVPhUSjqvzAJEJoTgqXBTzk5S5FK2Oi78mbDurVW4Yv1eMJmXNiJB5LyN-BgQ1pW7dIOR9lsIzqalbGxH68v0wbKTinT_RKGmmUGJyXBInPA3kMSFMOKlH2XzJmb7aZS0XvNNKWMhUyDaRj7OQO3Pi0tY-PQVpwa41fGE5MMmCBhAlY0JEV4g3FQ4A4sb0BqmEKYFIOeahGC_edpZRRKUkMOecs_Ng2NnMjJKFfHHQizRoZtsuL_oaEcaLOvMe9KIvaujQZTzPYBMCsRsNxZ15jrtOT7sOuaVDVhg9UPS-qoqBHk0sa7HsrjyhEJAjKtu1bxqOHHiI8WMemoCgseHTPdyYb1w89orfIG7Voi1yMKjnJC1NavntcCfqgqpS4d0az8AmK786hhSgsY6PBHYtapWYp2hmCULUulYcBR02sGwtgkYcbReI_64TYdKLL6QRWbiiAVnlqzt2LXjhHG56BUrQjLfgwpvtpQLRs4D5UZLcGEyCwJjfws8x99WHUyJ_RW-SLuZuL0KkieJBvzbeOMKq7WpJNpbstmM10YdpTlK7QFWvb9uEWsdbNkr-v2eWfij7GwztI5AF3BLLwSHlemuT8XEpLBhJcBTZn4fEx0jDX0UF1UTs3Mklnybm9zwxepd-DniC7P01qSaTfPH97eb-ExwFPv7D1nv2tH_dvHI64ukUPu16nlBr9KuJ8n_m1XbpOHn7u6Z_dqSsDRuwPpCnbsoYBO7gGS4B-P4eLplcKLDCU0Bj7JyTZaQVhXpUcczCA-I4tlS4UCmeeJxUJEsl2jsnTs-qCwLRk6TdMvaQvlboMnVQYmgMjL_YVcJfPr09wzNKfhKNAsPvcf3rx4uiHDgE10dMC7Su5-o69XeCPGdYwYzc_R4EG5e09s7Mfc-ybLOxGDOPszCBAeYx0KJ9Hf1kxjrEEOnX3Qjc2pDYWbvHxIrbJA1M89wnAh6hqf5aClSOx04Vg3kLs65gBXBSjHhD65TmtbHFw1L1blzmjCfjcTKAfr_GyIuru1zkTrvywsNGZWql8icH3Maaxv_iqj3WHIl3jsZs9LNYBrjYkGjgq2PMd0y1Ll1IHjQMz0QtqP8rD-Vnw5TzOa38MIruLRSpzDlcGQWk4m5eDCohWmd_kAEDNnh2UdxJPS3kC_1KPVDBDGmZ_p1YMpyLerdkzOhP1eJn_zu8g&cid=CAASEuRotVb4OVkgTTd6nQC5GIqJ9w&rfl=1%2Chttps%253A%252F%252Fwww.kbzk.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
746be12cdb7d417120c6f5d26ba5e8170e58ce21bcda9878da792ebad943d46c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:47:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9406
x-xss-protection
0
server
cafe
etag
5148542488999224871
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Nov 2021 10:47:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 424B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 01 Nov 2022 11:10:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ADAF 		1 KB
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 03 Nov 2021 18:26:41 GMT
expires
Thu, 04 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
58934
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 424B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86ee86fc730df003ab1ab3eb927d4a94f40cd83ca32520350222c2f13cc8f24a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 157B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 01 Nov 2021 11:10:41 GMT
expires
Tue, 01 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
257894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame ADAF 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFFceYAccAGpsb6zXFLN024&google_cver=1&google_push=AYg5qPLeAGQwBMt7na1S0_anIIzf_H8P8qKIPloA4nfiqNMpEp9e6rEDlgUczEeN0rTTc5Ywv8BwJjr-oimAfr6Ar5Vcw-0Og-Ee
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:54 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame ADAF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEM9jTTXaaJ5J4ozHTugcdDU&google_cver=1&google_push=AYg5qPLZ6X8Ifbe1NRe5o36rPH1stgRsVC2RPJRYenPjicZeAM-oyI4tCXWR6R6qsA3Uq9atex2...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEM9jTTXaaJ5J4ozHTugcdDU&google_cver=1&google_push=AYg5qPLZ6X8Ifbe1NRe5o36rPH1stgRsVC2RPJRYenPjicZeAM-oyI4tCXWR6R6qsA3Uq9atex2...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=UdMOn82NT7GQeue8DFK9XA&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=UdMOn82NT7GQeue8DFK9XA&gdpr=1&gdpr_consent=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=UdMOn82NT7GQeue8DFK9XA&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame ADAF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELlvKp0GRr98RB5nLuURzoo&google_cver=1&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaF...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaFrap3G&google_hm=MzE3MDc5NjM2NDYxNzAzNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaFrap3G&google_hm=MzE3MDc5NjM2NDYxNzAzNjM0NA%3D%3D
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Nov 2021 10:48:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIsO37x5anMlMwe2VMO67KsuUV1Tj75W0Q_BmBIWgSNW9wHVV92C7VCbE0uJvd6LNirJHptqm56XJF8Cdg_PWjoIaFrap3G&google_hm=MzE3MDc5NjM2NDYxNzAzNjM0NA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame ADAF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC7Q7ckWAxNWec5nHlKhLT0&google_cver=1&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobx...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC7Q7ckWAxNWec5nHlKhLT0&google_cver=1&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA5MDM1OTIwMzEwMzA0NDg2Ng&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA5MDM1OTIwMzEwMzA0NDg2Ng&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobxVhkVgnGjxHywhjvPHYI
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA5MDM1OTIwMzEwMzA0NDg2Ng&google_push=AYg5qPJ63p-kGNaGqrsIJdELYDupRRRvE-VKkvVpf7AZwfjREW5KFT1oBQpzWteSHP2GP2rPOOYgIobxVhkVgnGjxHywhjvPHYI
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame ADAF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkN...
0
0
pixel
cm.g.doubleclick.net/ Frame ADAF
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEIGChE13H0Y0IZItsRSN5jg&google_cver=1&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
0
0
dot.gif
s0.2mdn.net/ Frame ADAF 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEElziPqKk15C2S8iSR5lfGw&google_cver=1&google_push=AYg5qPJJieXZLJCDGfxL0ZxjNVlGOPxBz8j_KKDhbf3W7G7_hnw9rJ7Fv7ThwTYksuE7S3C_WZ7XlQ9hhrTYjzoCHLT9Z3ShLXz0aw
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Nov 2021 10:48:55 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ADAF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvLOUK4Qlp1U1y0wkplH3QbbRV0U53ycxhMMRRcDLZNkC9IsAQmxMkIh6mUfc1tfS3bzvmCw
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
728x090.html
s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/ Frame 9E29 		42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
186cacbd07f64789ec269b91ccf46444c6a7b64dadfab39ace561d16c78758f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
10134
date
Thu, 04 Nov 2021 10:48:55 GMT
expires
Fri, 05 Nov 2021 10:48:55 GMT
cache-control
public, max-age=86400
last-modified
Fri, 18 Jun 2021 06:36:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 424B 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcIKnbgD4mO7X3iwhqVgeR_4Ipo-50v-QMTpXc5DNEgv1uvI0IRzDj_yXb0861AiBcutpVueBzXd1p70LI9C0_gT3D_ItfpkbBQppcgythbdjkoa65iq6CMltNocRkgR7pTkmxEyIFx89Nj_ViwtoXZnfoB5BalThSAV36V5dWxQZLUOo44VuHquYq9DKZMrwa6MYC06dXNRJ9Gf4DOTiteq6_cxmYKRadXBeyWl4Ts_42CoTDIbqXaGKFsCu3d2Wkb0PMfTZvIqJpKPHm8enSgDA7HNU0u43dAJoqBzgNzZC4zYNUPu7Yx5SEBYCnaaxdZBXDpzz_MHoCUqUJGLiK3OhMuqI6J7kGf9LCpX8l-vfzPul2qNNLY0x-qLrU2b-CQb_i2ktOd36VidY2pFlNv1Q7xYnIL-nnDfMQqA49NvXeyNDsB73R1_hpeb-4FmqlCvcwT_Xng0zkPro3LyP4XurppqzhzNht0oLoZl_CyEk5ze-99St-4HRinfBifuMbMdAaNu6Jh9gs7C7QXUQqKtyuGB_pPrl8ESasQeSjNcqc9lARIXofSx190Vk_58NxuXvBqZh7ePLdvjnsYNESvKw5ZArTCZddfBcq8LdnsiYMUpNXrIovVzlbCdxy_vwmG4Fs5qoRX5BB-SjK836OMTaEvDd5hXSKikiqBAonKS_D9mA58CasFufVKB97H0oZNYLaerzLC7AuoLHxkpYUTXL7OXzikQLay1hbZZDt0x6Owa9VKHiSZ9VFz9R0rWmhVLtmF7ybt4lKDp5NoqtAH5SR_FybBgmnJfFi7a5LUBf4Tq-7PC6Ohbn8gTY9xa1xtTKtxnSR2kiw0RTBmZgD-kB3KCZnHIbDekFFxdNBii5FF8-apL0bcByC194NcWqMzJxkhXVliT6DNH8e4Qm01vMHfsEwgdCyhJwORObhm6MIsX1wa6AAvnTD-sZzH7trEjFcSpz3rmaAPCLv9Yoa-5PSAlNwVI1Sb7ZDkPSz_Ms4x6I4hRWoWBcio5gxQy_ePfnOPaY2qCsjwVyW0yjWArgDhE46YVL-sTKMq_l0o9dd8P1mJ-B29lGEe47NbIf0ooBbFyOL4_zP4spMUDrMYXywLLTuQnR9-DU7B4jSGfbkmLqit3nPkvWL9tEDWitA0eRpk_1jQRTgQLB5eMYOFA8ZC9ZjndpF_Iyw8-yLj_pQ2yzfqyZNPRIcF407Cu_AgjGRoRR-ieZ-pau65L6dZN5m1_zhFpvfqw84jEjZ9ZuTugLMhljCZMIYhaFe090hAvkvmUQ&sai=AMfl-YSPV6KNqmGFOMM1ejORk-WpBbsW-ZdZcvSDpR_XhDh4L5_njpL569G0vZ6oy24-UWVQKwNdGf7HPJhbH-9iOE81dE_V_jG6i_xdbyJdhJYnU0ZWm2NxNiNHEin98PdAImWMR0hHiWD93FTMX9LH3IkNljHpsQ&sig=Cg0ArKJSzCA3T8rWRPHPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&cbvp=1&cstd=82&cisv=r20211101.39423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 04 Nov 2021 10:48:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
pagead2.googlesyndication.com/bg/ Frame 157B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 10:12:53 GMT
main.gr.19.8.262.js
static.adsafeprotected.com/ Frame 424B 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.262.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/769474/57701840/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22ef2006e97195cfb88d54aeaba74e642d7ca557a14b6c2dc177148292c85f88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 20:01:25 GMT
content-encoding
gzip
age
139651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 02 Nov 2021 19:46:22 GMT
server
AmazonS3
etag
W/"1771b210d878f18283a76c5f7bc7efde"
vary
Accept-Encoding
x-amz-version-id
_uxMhjIYmJy7TQMYiLaYLX.G3djrVDSO
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
5d-u6AqQoMb4bJ0eoTHS7vPXWMOoKus1HsnwFtUhAcnmtHB7Us1iDQ==
skeleton.js
static.adsafeprotected.com/ Frame 424B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/769474/57701840/skeleton.js?adsafe_url=https%3A%2F%2Fwww.kbzk.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F23797541a079c9ba1948c3234b69d80d.safeframe.googlesy...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
age
10375979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
89I6nEoY32VFRBBtjflNq0uGfnf9V-xCsCJ2-M5qVyXnTIffTqjAQQ==

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 1D82 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 18:55:08 GMT
content-encoding
gzip
age
6623628
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
T-vcNfy5I8Vu9OdrdWJyE6kiqBmgPpWOYrQm14ZeuhyV6OgpFblgDg==
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJ69,pingTime:-3,time:138,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:102%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJ6b,pingTime:-6,time:140,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:140,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:www.kbzk.com*&br=c
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Server-Name
dt38.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJ6p,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:198,bdZ:335,beA:358,beZ:360,mfA:443,cmA:445,inA:445,inZ:449,prA:449,prZ:454,si:461,poA:462,poZ:475,cmZ:475,mfZ:475,loA:498,loZ:501,ltA:512,ltZ:512%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:102%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,sinceFw:50,readyFired:true%7D&br=c
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Server-Name
dt33.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&f=0&j=&t=1636022933726&de=219647409754&cu=1636022933726&m=1886&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11523&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A479%3A479%3A1135%3A464&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=2&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=1930547948&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:48:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 157B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCsf6l7qDYY36DfiI9u8PxvW5qAcAAAAAOAHgBAI&bg=!JiWlJWHNAAYH3anuB907ACkAdvg8Wi6lXGnhECyMMxVpwFQcGcC8eUe5RDqZJx7S3nfo3qTDYTo80AIAAAC2UgAAAAloAQeZAxKSaLU8W5p4B5iTNXI4Zw2va32I_Aovgl0y2LVZyPhwuMl_43KiiSXNnZDvxLQVVU3jYmnqcZSs62qjjuCcCvTT-pOpMyf6YzZGCXGp58iReKIZglPlxZckD1tZf901Cw7fe7zto7rTAI7CyVwZagF5schseiGfqyWX9Ne3g3d_atVAGbt37mp112zLItSHKm4GurauiGvwGNs_8Rjfy3uPjEE1PyFur_sOxJFS-MjD3AnWkdsRVFV0td25uBAiT5MpAcCVJ8dqmvP_hzCsyqKiXgxOPvrUftWsdzQjmjInzfYv8Uc4TxvX8XxKAhhWIu7Y2TYFOOD2FAQ03DaZTkFvHAFiwRbOiVsmMo1SwsO249TxlUAIpqkjDFWHYmVp4BNQ3yq5vBNpzBaUQcSYqhMaKOa92GtLeOItjVCOa01WrDrg93g49ZaF2wDFuJZklcEoNwLBI1vTi5DV8Bj6n_rmaVxSW6BhsLHa_TgcYmMv69M0z3YPYd_6aqVH0U3lG8M29jFynyOGwwnXAOLtveCksDitR348gxXShqsqJOdi8-1LWu9Hh9Ofd8t1Gn7uOsmLuMqWWFPVAGeJT2vCx61l_FGKk4WUpZI8UjNOkikmP0FTQhA41S50jgExAg2Fzvtp4JGcEZRGanIcUoDTVShEKjdKopTcvs4eqMQO8_JxdRTl-0ElKZ3IfUBfslxxD2_XsHccK2lG09rPd-b40dbAqU888PE4V-KMbyb5u9J5ygKISSTiBtFn3DKpLh_U9QZQpwxJnu2GjWIHENdLjRxXtwkja5-gn2H7-PdtVJ3YX6u4T4tuR03D6El-k_mwUZL7XVZcpv_iR72-YeXN1Zho1lKT0zbp79ZhMWE-TictAWWDuOiRhFSTgxpP4kVKFEwbXXIkVX_HHe9NQIaVeCr08m3sk8z3Ip1IL61ljYNpBZfzBbIHej1ysjbF7k90cnysJL15_uMncyeb7sG1Dy0grNqRxqMnA2IArC0WPqUftc8J5Q4eH6-KU8S0tmOcbfJGlYUm1DA4mmcfjWFE6kPiz3w
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJ7e,time:205,type:e,im:%7Bimprf:%7Bttecl:335,ecd:7,tsecr:15%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:205,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 9E29 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Nov 2021 05:32:01 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9E29 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 10:48:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 424B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcIKnbgD4mO7X3iwhqVgeR_4Ipo-50v-QMTpXc5DNEgv1uvI0IRzDj_yXb0861AiBcutpVueBzXd1p70LI9C0_gT3D_ItfpkbBQppcgythbdjkoa65iq6CMltNocRkgR7pTkmxEyIFx89Nj_ViwtoXZnfoB5BalThSAV36V5dWxQZLUOo44VuHquYq9DKZMrwa6MYC06dXNRJ9Gf4DOTiteq6_cxmYKRadXBeyWl4Ts_42CoTDIbqXaGKFsCu3d2Wkb0PMfTZvIqJpKPHm8enSgDA7HNU0u43dAJoqBzgNzZC4zYNUPu7Yx5SEBYCnaaxdZBXDpzz_MHoCUqUJGLiK3OhMuqI6J7kGf9LCpX8l-vfzPul2qNNLY0x-qLrU2b-CQb_i2ktOd36VidY2pFlNv1Q7xYnIL-nnDfMQqA49NvXeyNDsB73R1_hpeb-4FmqlCvcwT_Xng0zkPro3LyP4XurppqzhzNht0oLoZl_CyEk5ze-99St-4HRinfBifuMbMdAaNu6Jh9gs7C7QXUQqKtyuGB_pPrl8ESasQeSjNcqc9lARIXofSx190Vk_58NxuXvBqZh7ePLdvjnsYNESvKw5ZArTCZddfBcq8LdnsiYMUpNXrIovVzlbCdxy_vwmG4Fs5qoRX5BB-SjK836OMTaEvDd5hXSKikiqBAonKS_D9mA58CasFufVKB97H0oZNYLaerzLC7AuoLHxkpYUTXL7OXzikQLay1hbZZDt0x6Owa9VKHiSZ9VFz9R0rWmhVLtmF7ybt4lKDp5NoqtAH5SR_FybBgmnJfFi7a5LUBf4Tq-7PC6Ohbn8gTY9xa1xtTKtxnSR2kiw0RTBmZgD-kB3KCZnHIbDekFFxdNBii5FF8-apL0bcByC194NcWqMzJxkhXVliT6DNH8e4Qm01vMHfsEwgdCyhJwORObhm6MIsX1wa6AAvnTD-sZzH7trEjFcSpz3rmaAPCLv9Yoa-5PSAlNwVI1Sb7ZDkPSz_Ms4x6I4hRWoWBcio5gxQy_ePfnOPaY2qCsjwVyW0yjWArgDhE46YVL-sTKMq_l0o9dd8P1mJ-B29lGEe47NbIf0ooBbFyOL4_zP4spMUDrMYXywLLTuQnR9-DU7B4jSGfbkmLqit3nPkvWL9tEDWitA0eRpk_1jQRTgQLB5eMYOFA8ZC9ZjndpF_Iyw8-yLj_pQ2yzfqyZNPRIcF407Cu_AgjGRoRR-ieZ-pau65L6dZN5m1_zhFpvfqw84jEjZ9ZuTugLMhljCZMIYhaFe090hAvkvmUQ&sai=AMfl-YSPV6KNqmGFOMM1ejORk-WpBbsW-ZdZcvSDpR_XhDh4L5_njpL569G0vZ6oy24-UWVQKwNdGf7HPJhbH-9iOE81dE_V_jG6i_xdbyJdhJYnU0ZWm2NxNiNHEin98PdAImWMR0hHiWD93FTMX9LH3IkNljHpsQ&sig=Cg0ArKJSzCA3T8rWRPHPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=490&vt=11&dtpt=403&dett=3&cstd=82&cisv=r20211101.39423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kbzk.com
URL: https://www.kbzk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9E29 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d06587dd2e170068faddf2c5b9d860495d873efd1b7c23176e84ddf5282b9c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5204
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9E29 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 04 Nov 2021 10:48:55 GMT
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJb5,pingTime:-10,time:444,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636022935891%7C%7Cd2e9d531f329c85313f210fbc36492fd%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7C7b6d289bfabca65278143db7cd8700e1%7C%7C0166e18fc0eb65b6a0d3596ebf6221be%7C%7C3c9df94c94f6a02a5aa287925e5c99b4%7C%7Cd14a35ea841dacd00c9ca5a76c589a6e%7C%7C641a7c784515e7bcde8dae2cfa591c24%7C%7C1629390669%7D
Requested by
Host: 23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
URL: https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:55 GMT
X-Server-Name
dt33.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
pagead2.googlesyndication.com/bg/ Frame A2E9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 10:12:53 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9E29 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:46:39 GMT
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 11:01:39 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9E29 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:43:06 GMT
x-content-type-options
nosniff
age
350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 10:58:06 GMT
60005582_20211029020650138_STOERER_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9E29 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211029020650138_STOERER_ASSET.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
227836f5a8671ac4f021236e8d249449988d3031483399f660f3efc72eedb14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 12:28:02 GMT
x-content-type-options
nosniff
age
80454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3498
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 09:06:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 12:28:02 GMT
60005582_20210907022424344_Xbox-SeriesS_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9E29 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907022424344_Xbox-SeriesS_Asset.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f06e0277bef92622d48f4caef51cff7b4dd32b447a1c789aa65e168549e7ac8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61553327/20210617233614612/728x090.html?e=69&leftOffset=0&topOffset=0&c=7dI7Dquw7G&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 12:28:02 GMT
x-content-type-options
nosniff
age
80454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20967
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 09:24:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Nov 2021 12:28:02 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 9E29 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_316756585_137378704_-0&ref=25124645_4307561_316756585_137378704_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:56 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 424B 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKhTEMsACSCDpCDzu-zCDxRt-zp4pFpqhVTKiM-1oc13Tb_AE5kVkV-lyDYr0XwLBqDUx0M8YMLHUeJJDcQ8sFhx84JfBHGcitfuWMCac-_tIFj85a2g&sai=AMfl-YQZTysRRZgqAdEgZ3Gx_k0JfHzD7RQz38OH-U6BL2UO8dXFDyDZZlehCSEcYloaRsoR7TRDSRC3LUaFTufGgLWCm_DkfwVySeQaIs_TZ7ZYBb_3l711VKxdOZFo&sig=Cg0ArKJSzMsaXKgcgU1IEAE&cid=CAASEuRotVb4OVkgTTd6nQC5GIqJ9w&id=lidar2&mcvt=1000&p=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2599995707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636022935089&rpt=240&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJmn,time:1144,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1144,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1055~0%5D,as:%5B1055~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:97,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:56 GMT
X-Server-Name
dt33.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&f=0&j=&t=1636022933726&de=219647409754&cu=1636022933726&m=2914&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11523&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A479%3A479%3A1135%3A464&as=1&ag=1035&an=2&gi=1&gf=1035&gg=2&ix=1035&ic=1035&ez=1&ck=1035&kw=835&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1035&bx=2&ci=1035&jz=835&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=3&ah=835&am=3&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=753110882&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:48:56 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&f=0&j=&t=1636022933726&de=219647409754&cu=1636022933726&m=2915&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11523&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A479%3A479%3A1135%3A464&as=1&ag=1035&an=1035&gi=1&gf=1035&gg=1035&ix=1035&ic=1035&ez=1&ck=1035&kw=835&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1035&bx=1035&ci=1035&jz=835&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=835&ah=835&am=835&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=661924942&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:48:56 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&f=0&j=&t=1636022933726&de=219647409754&cu=1636022933726&m=2916&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=11523&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A479%3A479%3A1135%3A464&as=1&ag=1035&an=1035&gi=1&gf=1035&gg=1035&ix=1035&ic=1035&ez=1&ck=1035&kw=835&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1035&bx=1035&ci=1035&jz=835&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=835&cd=835&ah=835&am=835&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=2117280944&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:48:56 GMT
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJCE,pingTime:1,time:2153,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:102%7D,%7Bpiv:100,vs:i,r:,t:1152%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1152,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~728.90%5D%7D%7D,%7Bsl:i,t:1152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:57 GMT
X-Server-Name
dt33.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 424B 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=19ddaadd-43eb-5f24-76b2-e8784200156b&tv=%7Bc:sZIJCE,pingTime:1,time:2153,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:102%7D,%7Bpiv:100,vs:i,r:,t:1152%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1152,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:102,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1063~0,0~100%5D,as:%5B1063~728.90%5D%7D%7D,%7Bsl:i,t:1152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sNN7vCL+1111%7C12%7C13%7C14%7C15*.769474-57701840%7C151%7C152%7C1531%7C154%7C16,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:57 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sync
eb2.3lift.com/ Frame 2A5E
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66d02bee6b2a7924be8c4e8b1b488214a3fc5232748c1f74a2af103796a6e04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
text/html; charset=utf-8
content-length
463
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 831F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Nov 2021 10:48:59 GMT
Age
22633
X-Served-By
cache-lga21977-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 400210
X-Timer
S1636022940.822494,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E783 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Nov 2021 10:48:59 GMT
Age
22633
X-Served-By
cache-lga21977-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 400212
X-Timer
S1636022940.841729,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 693D 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
f2502cc2d4ee063cf2dd5600a484479ba0548cf3ab227c9f25e00201065d500a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame ECB0
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
Keep-Alive
Cache-Control
max-age=23950
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx0000000000000053dd313-006182c6a9-b250cda-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1636022940.dop229.fr8.t,1636022940.cds218.fr8.shn,1636022940.cds218.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame A41F
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
Keep-Alive
Cache-Control
max-age=23950
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx0000000000000053dd313-006182c6a9-b250cda-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1636022940.dop229.fr8.t,1636022940.cds218.fr8.shn,1636022940.cds218.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
usync.html
eus.rubiconproject.com/ Frame 4285 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Nov 2021 10:48:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 348A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=beff6183-ba9b-4300-ac0d-60316c91a3a3&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=beff6183-ba9b-4300-ac0d-60316c91a3a3&gdpr=1&gdpr_consent=
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=beff6183-ba9b-4300-ac0d-60316c91a3a3&gdpr=1&gdpr_consent=
Expires
Thu, 04 Nov 2021 10:48:58 GMT
pd
eu-u.openx.net/w/1.0/ Frame 4536 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
f2502cc2d4ee063cf2dd5600a484479ba0548cf3ab227c9f25e00201065d500a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame EE4C
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66d02bee6b2a7924be8c4e8b1b488214a3fc5232748c1f74a2af103796a6e04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
text/html; charset=utf-8
content-length
463
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
ssc-cms.33across.com/ps/ Frame 2729 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a79EQiBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 -, , ASN (),
Reverse DNS
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Thu, 04 Nov 2021 10:48:59 GMT
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4217943846806334381
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4217943846806334381
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:59 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
76afcc15-7d52-4dcf-9775-1120e8d16408
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4217943846806334381
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=00818d40-be94-4136-b3c0-b515f13ff3fd&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO6TbOtSzSiIZinMRVhSN7-ka5-WpokxIffDYCQA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=00818d40-be94-4136-b3c0-b515f13ff3fd&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=37e8205f-b951-44cb-a832-6be2627ee79e&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFzJb5TCIITbIcP75OsdBzA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4217943846806334381&opid=apx&ops=&utidl=tech:goo:CAESEFzJb5TCIITbIcP75OsdBzA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22226998725&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=5560720177337185a004249c9c21f2ef&gdpr=1&gdpr_consent=
0
0
usync.js
eus.rubiconproject.com/ Frame 4285 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1972a83680043082c01dd0f292b98ad23192050b7e871a50e7979b4e2f437472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37289
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9504
Expires
Thu, 04 Nov 2021 21:10:28 GMT
sd
eu-u.openx.net/w/1.0/ Frame 693D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Nov 2021 10:48:58 GMT
sd
us-u.openx.net/w/1.0/ Frame 693D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 693D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 693D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a453ab8c-892d-3aaa-475a-429a277c4b81&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 693D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODgzYzc4NDYtNDA1YS02NDBlLTUyYmEtMTgyM2VkOWU4NWUx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 693D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame EE4C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame EE4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE4C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame EE4C 		0
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9655483662932097758&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
e+6sOTJStBaQ081wpysAAA==
xuid
eb2.3lift.com/ Frame EE4C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9655483662932097758?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 04 Nov 2021 10:48:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame EE4C 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=9655483662932097758&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame EE4C 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=9655483662932097758&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6D2152FEE5854BA6AEB784B92A3B68DD Ref B: FRAEDGE1513 Ref C: 2021-11-04T10:48:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame EE4C
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9655483662932097758
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.178.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RD68ATEBZ7AV1HDY9Y7A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EE4C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame EE4C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4446784529667817552&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4446784529667817552&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4446784529667817552&dongle=d407
pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
async_usersync
ib.adnxs.com/ Frame 831F 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:59 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
178bc8dc-e3e0-458d-93a0-fd1dfd590a2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2A5E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 2A5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMkf7Pcsuopc0VHoF6t-QQQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY1NTQ4MzY2MjkzMjA5Nzc1OA%3D%3D
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2A5E 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9655483662932097758&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
en/HOTJStBYgxW1pqCsAAA==
xuid
eb2.3lift.com/ Frame 2A5E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9655483662932097758?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 04 Nov 2021 10:48:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-u6rn5k9E2oTv3rcfXXbwVcJP9HUGkcvPNp_qjAFfjQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 2A5E 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=9655483662932097758&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 2A5E 		42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=9655483662932097758&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8F50DF49B0D14BDF8F611140193AF0D6 Ref B: FRAEDGE1513 Ref C: 2021-11-04T10:48:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 2A5E
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9655483662932097758
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.178.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TY8AP0A17V5MJW1HYBKW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9655483662932097758&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2A5E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 2A5E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4374726935629889616&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4374726935629889616&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4374726935629889616&dongle=d407
pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
eu-u.openx.net/w/1.0/ Frame 4536
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 04 Nov 2021 10:48:59 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=80006183-ba9b-4700-96f1-58acb3c44b66
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Nov 2021 10:48:58 GMT
sd
us-u.openx.net/w/1.0/ Frame 4536
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UBQbXgREGlhLQRBcVkAOWVMVFVtLFxsJV0aZ6G1G
pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4536
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9090359203103044866
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4536 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a453ab8c-892d-3aaa-475a-429a277c4b81&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4536 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODgzYzc4NDYtNDA1YS02NDBlLTUyYmEtMTgyM2VkOWU4NWUx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4536
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4QlYXhaixlmpMuwPE9Vxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E783 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:48:59 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bd5ff6c8-8b9b-4ccb-8ab2-c53ff1df4080
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 4285 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 4285
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NoKIy1BGqRRq16DyEzNKe8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3170796364617036344
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3170796364617036344
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Thu, 04 Nov 2021 10:49:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3170796364617036344
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 4285
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGmOOH9cGtGdFiwRflPuO5k&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGmOOH9cGtGdFiwRflPuO5k&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGmOOH9cGtGdFiwRflPuO5k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4285
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLVFRCNjItMUgtQTY5MA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLVFRCNjItMUgtQTY5MA==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLVFRCNjItMUgtQTY5MA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4285
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=80006183-ba9b-4700-96f1-58acb3c44b66&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=80006183-ba9b-4700-96f1-58acb3c44b66&expires=28
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=80006183-ba9b-4700-96f1-58acb3c44b66&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Nov 2021 10:48:59 GMT
tap.php
pixel.rubiconproject.com/ Frame 4285
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYO6nAAB-jvnLQAz
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYO6nAAB-jvnLQAz&_test=YYO6nAAB-jvnLQAz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYO6nAAB-jvnLQAz&_test=YYO6nAAB-jvnLQAz
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636022940.164411,VS0,VE0
x-served-by
cache-hhn4021-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYO6nAAB-jvnLQAz&_test=YYO6nAAB-jvnLQAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 4285
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTIxM2I4ZGEwODc2YTBlMDU1MjM1OGExYWQzMWJjODdjNzY1NTYzNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTIxM2I4ZGEwODc2YTBlMDU1MjM1OGExYWQzMWJjODdjNzY1NTYzNw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTIxM2I4ZGEwODc2YTBlMDU1MjM1OGExYWQzMWJjODdjNzY1NTYzNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 4285 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 20B3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 015A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=111536
expires
Fri, 05 Nov 2021 17:47:56 GMT
date
Thu, 04 Nov 2021 10:49:00 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7B0C 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Nov 2021 10:49:00 GMT
Age
15744275
X-Served-By
cache-lga21980-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 6461
X-Timer
S1636022940.194338,VS0,VE0
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame ECB0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
m0qm90j5jm00c2ign05ioausobi48dcv
i.gif
e.serverbid.com/udb/9969/sync/ Frame ECB0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9f9689a7-1482-44c0-9db3-7a3969c11de2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame ECB0
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame ECB0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Thu, 04 Nov 2021 10:49:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame ECB0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c9b156e02c35da9f0d606fe0
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c9b156e02c35da9f0d606fe0
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c9b156e02c35da9f0d606fe0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame ECB0 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
p.adsymptotic.com/d/px/ Frame ECB0
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.5944570465654655%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
cache-control
no-cache
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame A41F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=9d8d2443-30b2-0943-2cd6-828fa627890c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
nhiblotkfarsp4tk3ftee3mgedpdbqbl
i.gif
e.serverbid.com/udb/9969/sync/ Frame A41F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
49d09acb-284f-4a66-9187-24a74eb2d3a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=4217943846806334381
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame A41F
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd1784b1f-3d5c-11ec-8bf2-027c44041890
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame A41F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYO6l0uAjJshze3D3J50PgAA%261208
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Thu, 04 Nov 2021 10:49:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame A41F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d2c51d00388437f7b72f3738
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d2c51d00388437f7b72f3738
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=d2c51d00388437f7b72f3738
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame A41F 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BD12
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Thu, 04 Nov 2021 10:49:00 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E6BB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=111536
expires
Fri, 05 Nov 2021 17:47:56 GMT
date
Thu, 04 Nov 2021 10:49:00 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 72D0 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 04 Nov 2021 10:49:00 GMT
Age
15744275
X-Served-By
cache-lga21980-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 6462
X-Timer
S1636022940.204342,VS0,VE0
Vary
Accept-Encoding
ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
p.adsymptotic.com/d/px/ Frame A41F
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.6238127772065296%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
cache-control
no-cache
content-length
0
async_usersync
secure.adnxs.com/ Frame 7B0C 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 -, , ASN (),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
88c8d54b-f99b-4a90-b491-e432dba0b429
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame 72D0 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 -, , ASN (),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3c2fce1d-c308-4878-8bfe-9eed95a349e1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 015A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82325342&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d5ee3c188649f0193c80dd6f7a065585900016cf06e53b3fb1d4362294f282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:58 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 20B3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1972a83680043082c01dd0f292b98ad23192050b7e871a50e7979b4e2f437472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37288
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9504
Expires
Thu, 04 Nov 2021 21:10:28 GMT
usync.js
eus.rubiconproject.com/ Frame BD12 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1972a83680043082c01dd0f292b98ad23192050b7e871a50e7979b4e2f437472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37288
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9504
Expires
Thu, 04 Nov 2021 21:10:28 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 20B3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 14E6 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3D4A5D00-3A24-42C5-A1B7-A33D615B513A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 4DD9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809856044130496677
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809856044130496677
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:427
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1809856044130496677
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame FF42 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Thu, 04 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
327184
Pug
simage2.pubmatic.com/AdServer/ Frame B179
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026665022812649620
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026665022812649620
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:28:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0021:0:358
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 04 Nov 2021 10:49:00 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026665022812649620
Pug
simage2.pubmatic.com/AdServer/ Frame 6EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYO6nAAB-jvnLQAz&gdpr=0&gdpr_consent=
1 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYO6nAAB-jvnLQAz&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:31:27 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0022:0:505
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYO6nAAB-jvnLQAz&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Thu, 04 Nov 2021 10:49:00 GMT
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1636022940.330514,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
rtset
bh.contextweb.com/bh/ Frame 1A3C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDM20wN0RCM1VBQUJobWdwVFZDdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3m07DB3UAABhmgpTVCw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0A61
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:48:58 GMT
content-type
text/html; charset=utf-8
x-lat
amspug005:2:245
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Thu, 04 Nov 2021 10:49:00 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 859E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1087110338
  • https://sync.1rx.io/usersync/tradedesk/32b17827-439d-455e-9162-1894b40397a3
  • https://sync.targeting.unrulymedia.com/csync/RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug016:0:507
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fbba0ce0-d3d9-455b-add7-e3a9ccb9c429-003
etag
RXfbba0ce0d3d9455badd7e3a9ccb9c429003
dpe
ad4m.at/ad/ Frame E989 		15 B
916 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a8d45f169f13756-MXP
bridge
cm.adgrx.com/ Frame 7D38 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 4D7A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eCpzuURojn0khoQaa4duXwqp
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eCpzuURojn0khoQaa4duXwqp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug020:0:331
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 04 Nov 2021 10:49:00 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eCpzuURojn0khoQaa4duXwqp
strict-transport-security
max-age=0; includeSubDomains;
141
match.deepintent.com/usersync/ Frame 485C 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 04 Nov 2021 10:48:59 GMT
server
c
i.match
s.tribalfusion.com/z/ Frame F398
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a8d45f27fbb177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
842
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a8d45f14e39177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F40E
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:82908084531722
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:82908084531722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 04 Nov 2021 10:48:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug005:0:409
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-d521eb4bef98@version_1.342
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=uid:82908084531722
Content-Type
text/html; charset=utf-8
Content-Length
285
X-core-time
1ms
Date
Thu, 04 Nov 2021 10:49:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5FE1 		43 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=3D4A5D00-3A24-42C5-A1B7-A33D615B513A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
43
cache-control
no-cache, no-store, must-revalidate
expires
0
content-type
image/gif
pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 015A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PUpdADokQsWht6M9YVtROg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
2.21.141.175 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=111536
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 05 Nov 2021 17:47:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=80006183-ba9b-4700-96f1-58acb3c44b66
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=80006183-ba9b-4700-96f1-58acb3c44b66
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=80006183-ba9b-4700-96f1-58acb3c44b66
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Nov 2021 10:48:59 GMT
mw
mwzeom.zeotap.com/ Frame 015A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3D4A5D00-3A24-42C5-A1B7-A33D615B513A
  • https://spl.zeotap.com/?zdid=1332&zcluid=f0563c48d587db1a
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d028719c6f&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHYzaGtmxUmJsF4gtenwpBM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHYzaGtmxUmJsF4gtenwpBM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d028719c6f&zcluid=f0563c48d587db1a&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6a8d45f3fcb6599b-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHYzaGtmxUmJsF4gtenwpBM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d265f231-45ee-44e0-6e23-c0e235282539&reqId=26d07401-c025-44bf-569c-90d028719c6f&zcluid=f0563c48d587db1a&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q0QTVEMDAtM0EyNC00MkM1LUExQjctQTMzRDYxNUI1MTNB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:400
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN72RodDXKqaHE8KjPbR8Nc&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN72RodDXKqaHE8KjPbR8Nc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN72RodDXKqaHE8KjPbR8Nc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 015A 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 03 Nov 2021 10:49:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80006183-ba9b-4700-96f1-58acb3c44b66&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80006183-ba9b-4700-96f1-58acb3c44b66&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:80006183-ba9b-4700-96f1-58acb3c44b66&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 04 Nov 2021 10:48:59 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=32b17827-439d-455e-9162-1894b40397a3
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=32b17827-439d-455e-9162-1894b40397a3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:542
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=32b17827-439d-455e-9162-1894b40397a3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9090359203103044866
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9090359203103044866
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9090359203103044866
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217943846806334381&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217943846806334381&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:463
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f7d28c97-91e8-44fe-a40f-f57d50ace970
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217943846806334381&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JFiDvHAIgro_DYi-IgyWuydZjbk_W4PrIwq3f3Af
42 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JFiDvHAIgro_DYi-IgyWuydZjbk_W4PrIwq3f3Af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JFiDvHAIgro_DYi-IgyWuydZjbk_W4PrIwq3f3Af
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D4A5D00-3A24-42C5-A1B7-A33D615B513A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p1wscCJE2uUDvqJyePSwCqWkQ.tliWE-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p1wscCJE2uUDvqJyePSwCqWkQ.tliWE-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-p1wscCJE2uUDvqJyePSwCqWkQ.tliWE-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
3D4A5D00-3A24-42C5-A1B7-A33D615B513A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 015A 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3D4A5D00-3A24-42C5-A1B7-A33D615B513A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f751e34-236d-4c9c-a536-f999d09bb9a9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f751e34-236d-4c9c-a536-f999d09bb9a9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6019c368-7bee-4d02-81e6-4ac1babd069d&user_group=1&ssp=pubmatic&bsw_param=7f751e34-236d-4c9c-a536-f999d09bb9a9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f751e34-236d-4c9c-a536-f999d09bb9a9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f751e34-236d-4c9c-a536-f999d09bb9a9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:620
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f751e34-236d-4c9c-a536-f999d09bb9a9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 04 Nov 2021 10:49:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 015A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3D4A5D00-3A24-42C5-A1B7-A33D615B513A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4446784529667817552&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4446784529667817552&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:312
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4446784529667817552&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:49:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:470
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:432bd8f8-475a-4b4a-a71a-1b07f14fcb61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:432bd8f8-475a-4b4a-a71a-1b07f14fcb61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:564
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:432bd8f8-475a-4b4a-a71a-1b07f14fcb61&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 04 Nov 2021 10:49:00 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 015A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217943846806334381
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217943846806334381
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:48:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7629dac5-ef91-4a03-9c8c-00e875391d2a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217943846806334381
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 015A 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.kbzk&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vldfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ZdsW7OXurwpsfw%3D%3D&sc=1&os=1-jA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.kbzk.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&rx=758742001040&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C8&zMoatpt=landing%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.kbzk.com%2F&id=1&ii=4&f=0&j=&t=1636022933726&de=219647409754&cu=1636022933726&m=6950&ar=553ffc12ef5-clean&iw=aa17278&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=11523&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A479%3A479%3A1135%3A464&as=1&ag=5072&an=1035&gi=1&gf=5072&gg=1035&ix=5072&ic=5072&ez=1&ck=1035&kw=835&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5072&bx=1035&ci=1035&jz=835&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4871&cd=835&ah=4871&am=835&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=195402&na=986054877&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kbzk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Nov 2021 10:49:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 04 Nov 2021 10:49:00 GMT
async_usersync
ib.adnxs.com/ Frame 831F 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Nov 2021 10:49:00 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fbff2fcf-3685-4039-9835-166ba0bf498b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E783 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=5560720177337185a004249c9c21f2ef&gdpr=1&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC3m07DB3UAABhmgpTVCw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer function| x00_0x278e function| x00_0x4a36 object| _Scanner function| onReady object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| googletag function| moatYieldReady object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo function| fbAsyncInit function| ready function| loadChartbeat string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| FB boolean| apstagLOADED object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _comscore object| _qevents object| HeaderSM function| ia function| _typeof object| PARSELY function| pbjsChunk object| _pbjsGlobals undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_54550491 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| _0x5193 function| _0x27fd object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags function| udm_ object| ns_p object| COMSCORE string| jsWxTemp string| jsWxCond object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages

39 Cookies

Domain/Path Name / Value
.kbzk.com/ Name: _gcl_au
Value: 1.1.1910974252.1636022934
.kbzk.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.kbzk.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1636022933641%2C%22slts%22:0}
.kbzk.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=35dda8b53cfc7922bb6e68f4224efb8e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1636022933641}
.kbzk.com/ Name: _ga
Value: GA1.2.822715628.1636022934
.kbzk.com/ Name: _gid
Value: GA1.2.956033741.1636022934
.scorecardresearch.com/ Name: UID
Value: 1YPSD81OVZR5WZWV8UGXWIg1636022934
.kbzk.com/ Name: _dc_gtm_UA-10036014-11
Value: 1
.kbzk.com/ Name: _dc_gtm_UA-40066851-1
Value: 1
.kbzk.com/ Name: _dc_gtm_UA-29521121-4
Value: 1
.media.net/ Name: gdpr_status
Value: 1
.quantserve.com/ Name: mc
Value: 6183ba95-d310e-45066-28d1c
.kbzk.com/ Name: __qca
Value: P0-647966089-1636022933847
www.kbzk.com/ Name: mnet_session_depth
Value: 1%7C1636022933916
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.va5gvp1ChJWys6yQbjUyvVj52K5FdhoRGrDpr6MgA74fArHXkM3Rdg.k2XTkZDPWxhPJd6x.KVAdqk3gcmSOC2myRlDdQ6759AgPNbVeMlu-N0Cuk3yKnCl8GaAtMTblf4IrJSpqgzyFgcYe4Qy5Q_6OcD-EqvJholKZbhVvH-2BOfglD33Jg_xMiI7l5yMb9Zah3lITpdan6YOLOvXByqXWrt_l40il0vRS4K8SJNaPCZYk0IH4qvhp2ydOI5UdSa3v51tgKuGbSTuOD47lUIg5F4m-7HsVxgsQvhyM2cNBr43xWabHnqW3FC4x_N9S3NEcQYGHDOOw-FZnoFzeAGS2BZyFupOekx7p4zGM5C3JyvhmDARJMmE21Cxl_i_vSfnqIX4DZ68qRigBUHGIkObXGmnZB5OIJLa1DLH5bwj3GIoh2tk.s0tyOyEhEcjg_EHZgbpIHg
.pymx5.com/ Name: _ia_version
Value: 2
.openx.net/ Name: i
Value: 77ff94d5-20aa-055d-1d8c-8a72435b787c|1636022934
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.adnxs.com/ Name: icu
Value: ChgIxIZ3EAoYASABKAEwlvWOjAY4AUABSAEQlvWOjAYYAA..
.adnxs.com/ Name: uuid2
Value: 4217943846806334381
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlOnWsGgPSzMzbSBXScxyMVEV9DEglCT4J8HaSS7SQ9hHJN-j66Tc0cdLpC30BnuQ0QhYHi90-VlZrHkfUHR2j_c
.gumgum.com/ Name: vst
Value: e_5ba4caeb-d33a-4c51-90d3-c80d403eec87
.rubiconproject.com/ Name: khaos
Value: KVKTTB62-1H-A690
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3wEah7o4Q9UEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7ltdNewTDJXE2G8pi/18gyxBymPvo8pleP+vvlaCeciHL/R7Fz5/Qhm0=
e.serverbid.com/ Name: azk
Value: ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
.doubleclick.net/ Name: IDE
Value: AHWqTUkEzzTDbKsr-7WKmbnwM354PfFRKvUi1UutLXpPD6IweFgpZbs6TiAb7o5zhwQ
.kbzk.com/ Name: __gads
Value: ID=d710c8cf5f50aa6a:T=1636022934:S=ALNI_MaIWVH5a9Uq0TB-ZAzVJ8Ih-q_9Uw
.casalemedia.com/ Name: CMPS
Value: 5224
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVUjdH%+!]tbPl1M>e)ZlrFUfJ+tGXxpGIQV^M^(k>lT$L`naWqj:UE=Fzb#rxEM9HF_%nugO%v4VB%nmp2*$Eto
.casalemedia.com/ Name: CMID
Value: YYO6l0uAjJshze3D3J50PgAA
.casalemedia.com/ Name: CMPRO
Value: 1208
.casalemedia.com/ Name: CMST
Value: YYO6l2GDupcA
.casalemedia.com/ Name: CMRUM3
Value: 2d6183ba972760CAESEOkKKvvtMtzC-AZ9z6rxQbQ
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 9090359203103044866
.yahoo.com/ Name: A3
Value: d=AQABBJe6g2ECEFwP61s8Dk-lqTbXaumccigFEgEBAQEMhWGNYQAAAAAA_SMAAA&S=AQAAApiWKrvuoEspni1g0nadYHc
.tidaltv.com/ Name: tidal_ttid
Value: 51d30e9f-cd8d-4fb1-907a-e7bc0c52bd5c
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_316756585_137378704_-0&ref=25124645_4307561_316756585_137378704_-0
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjQyszI0sgAAs+TOPQkAAAA="

10 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/000000/000000.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.kbzk.com/weather/school-closings-delays?_renderer=json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://assets.scrippsdigital.com/cms/images/color_schemes/kbzk/square--144.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIva-o7XrC1-jgmy2HROsw-ieSBtcE4FBRjiatRK40KmG4wAnoztM4Wylc-MMgScQ2Rc9uy6KPN2sE44U02CpO0sM_vMGQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYO6l0uAjJshze3D3J50PgAABLgAAAIB&google_push=AYg5qPK_Ylqbegt3ctA2kZEEG2hOHfgwwMbBAjthytpNNGmU4TPN35or4SolgT6wj6qXaSzcAO1FH-sEtFgvpx2UkNO30qVKWxMU&google_gid=CAESEM3VZviRfWRtHx1QiSP4W88&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-dbf172f5-bc5a-401e-b8cc-d446f4a4fe92
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=5560720177337185a004249c9c21f2ef&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23797541a079c9ba1948c3234b69d80d.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
analyticssystems.net
ap.lijit.com
api.ewscloud.com
api.pymx5.com
assets.scrippsdigital.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.parsely.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
core.iprom.net
csync.loopme.me
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
kbzk.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
mb.moatads.com
mwzeom.zeotap.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
pymx5.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kbzk.com
x.bidswitch.net
z.moatads.com
bh.contextweb.com
cm.g.doubleclick.net
ib.adnxs.com
id5-sync.com
104.18.99.194
104.244.36.20
104.85.4.23
13.225.87.4
13.32.121.32
134.209.129.254
142.250.186.102
142.250.186.66
143.204.103.127
143.204.95.188
143.204.98.104
143.204.98.82
151.101.1.108
151.101.2.49
159.253.128.188
159.65.196.12
162.55.6.211
169.197.150.8
172.217.18.98
178.128.135.80
178.162.133.149
178.250.2.151
18.156.0.31
18.169.206.72
18.195.106.43
18.197.47.23
18.66.122.78
185.29.134.244
185.33.220.244
185.33.221.13
185.64.189.110
185.64.190.80
195.5.165.20
198.47.127.19
198.47.127.20
2.18.235.40
2.19.35.65
2.21.141.175
2.21.141.232
2.21.143.57
2001:678:cb4:bbbb::11
205.185.216.42
209.54.178.82
213.155.156.183
213.19.147.44
216.58.212.162
23.79.143.124
2600:1f14:61c:1b01:b6a7:74fd:44e0:1ee0
2600:9000:211e:600:6:44e3:f8c0:93a1
2600:9000:2156:1800:13:a391:88c0:21
2600:9000:223f:2200:8:48e:53c0:93a1
2600:9000:2240:9400:10:618e:d880:93a1
2602:803:c004:200::141
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700:3032::ac43:cb69
2606:4700:3037::6815:4e07
2606:4700::6810:9440
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c08::9c
2a02:26f0:6c00:286::19fd
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1370
2a03:2880:f02d:100:face:b00c:0:3
2a05:d018:d29:3605:5c5f:6ed9:45fe:73d4
34.149.20.76
34.96.74.203
34.98.107.212
34.98.64.218
35.186.253.211
35.210.53.219
35.227.203.93
35.244.174.68
35.71.131.137
37.157.4.28
50.31.142.95
51.79.83.225
52.205.167.202
52.208.210.171
52.28.103.21
52.28.203.152
52.57.26.239
54.171.159.234
63.251.232.170
65.9.71.58
66.155.71.25
67.202.105.22
69.173.144.139
69.173.144.165
72.251.249.13
76.223.111.18
8.43.72.98
82.113.101.132
85.114.159.118
94.23.171.206
0029270a52a7102b17cafcaa205596b0e2a2e74de61b8c3cd8a56b99314d19e5
01677fa45e3b2bbaf419837bd2f3f8485616c619cb6bcede9a60c4e95d6092e2
0253185a4cfd8a31fa015f856c47a032cf99a7aa4f528389965225dc4c150ff2
047accd83549b1dc65c4aa0032cc61279d64a4d8b8adf525e13e706e6c66dab4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083be818fb16436a5107dddb2e3033683bf7354a1ea596129a45a3d91a0c7df3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bab1ba55fa1f1a9da74fce26d4775715943cbc915bd00b0d9d4bff7d9f78d7c
0d8e9f41ac3fcbf42d8ebcf39f44424bca63b64e2b4ce78b31efaf860fd5dde0
0eea8c35812bd962fdd6f1c520e106f8640744e017fe08ec881317478e2654e8
0f25d668e1f0efae9b6ae4917c10aacecefb101c2631c2495c295c078c782999
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
151b6f033b62403e7e12c3db6fef5c1806a9cf6cbb363b8e5f44ac369dafaeb6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186cacbd07f64789ec269b91ccf46444c6a7b64dadfab39ace561d16c78758f8
1972a83680043082c01dd0f292b98ad23192050b7e871a50e7979b4e2f437472
1a0e0d4b34445b03b1045bd16fc0a673daca3e85fe1f50100f27f69c02bf8ab9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e0b75cbcb19e1ae15a216d5318ca1bcd794a07aab3980c0f3b9ee1aecf540c2
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
206a1e1c186b9b5e3abc21d422dd59bee3b6bdd6076d2fd63f70c600f303a721
21118ccb721c42f3a801daddd65ee7da4292f178b26628353c346cf454584261
227836f5a8671ac4f021236e8d249449988d3031483399f660f3efc72eedb14a
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22ef2006e97195cfb88d54aeaba74e642d7ca557a14b6c2dc177148292c85f88
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24d1eca2cdf9523d574152e4ebc006c6e2aefde295e42c09ec07304881af354c
2857cbc7500d800d13716371411e4c76952476f819bffc9aa0feed6c705ac7bc
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4
2a26f20d5f3397171e7005c1a6fd20e24a01719c595134264c7dbc98c0b25e3c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32376a65245d4aa6d3c33fd3b40af954fb4432a9367e799803947de6bf244ac0
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
350ea75c1e170d0384164a60b83d42162d8ee081012f3185a8c4a21e0a2efd7e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3bb2339a956d7c8a791caf35075166ee38e430e2e44cf0670507092f7fbb0aa6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eda4579dfee3b9b40ac6c7d9b09b0c19fa9a58a01b50903bbd3521e7a07cf52
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44d9440d0049a74398c2cba2f2b51c0e201ace1c8de68cfa977efd1c1e91d87d
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46d7e07d67b1d0cbfb5de16360dee008ac5715eeb3d29b446fe2fc5f4a6a52ad
47fade98df084787c2ec689cb7516d04bee739e08a426d1c71a124ba3e39392e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccdcfd374b5aabcd6b1f5c785dd9b39586ae98d89083c3742dda2aeccf86fac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
586648b9de49457eab52c5a10a04d5c2c08732570b2839e7b9971b89b3656efc
58fa6855261beef5b9dd7d47f5b5fb520c4b8dc91e21d7d91a2f1c1ce3b4223c
591c79a74861a486cf616b4009a7f3f51c2fe74d7753b57057c8734fabfaf0be
5b16540c2dcd73b6f6815ef2ba94aba1adcf2509730ac89de216965d64beaba7
5cff0dbe8614f54efa84b26d658e3806ee99fdeffab9da33034319d05c8321cd
5eb53466565cc29d00bf8f71ad7af94bd5cd580281505fc07235cd45be5077fd
5ebbee10eb6c0347896f9c2c30205379552f2bef6b0cd2ebd5f2bcda68445a29
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
69f4e11d0e468f4d27c97c5b8fd113afd11d66fbcce694163ce141b3416ddd10
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d72693895a0f7a64ad32f06f39e80bc65dc66030a62d75942f7fdbeb2ab7906
71d73e73f8e4023d2f6761b86b15005137a9ca293d2504168a91a69c2f4b8ba9
746be12cdb7d417120c6f5d26ba5e8170e58ce21bcda9878da792ebad943d46c
748bd7ba444e5d42e13524be8c1b22c5f2d02efa883cd27007229d70bafd6de0
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ee86fc730df003ab1ab3eb927d4a94f40cd83ca32520350222c2f13cc8f24a
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88ac99cf5b4d08578117d2bfe5e6957e7deeb2f2dfb5b563bd5dfa70d6dddef4
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d47961c0227d8f5e9f821e4980f6700e2385748e20fe3ba50d6b8c29867cde6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e730ee16a0db99b8f0575bea2e3ef0471019b00e2037fb0d367fbfbb5833248
8eba072934ef140a0c654e27c49d9519f497f1eedd710afd5536a127bacb7efc
901c00b6d725dfe9be7dcf88438ec2cdfa352729f8275f58511cbb041ac87426
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96225afa6083543c33954596eaf98781a02c7b8eced2e1e025b7b719e593a35b
96d16a0b319e19558dd3ca001ddeff2b859647ddeb0986ef9c221353b986b5f2
970e0a2f25583cab4293946e65e7b64d80ea514d0a60773f9383a621ad012297
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2fffa7319df502392e0c22b44136f8d55d026414f13418608ff1b1b1ec2792
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e20eb6cc267880b06f424fbf419634df65e2507e5257747c8d3642e539f8282
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d5ee3c188649f0193c80dd6f7a065585900016cf06e53b3fb1d4362294f282
a138de26ecd4c0bef40c54ed63ec6201b73eb60ae5865b8f5be443dc5fe37cc8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a46a6691e8235b6ed692048c52d2ce23950b03e641f580773d4e2aff612d39ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ac6b39c844d591a60df12237d7379261f8dc41d48f8325220aee5139be380c
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28e16360c5ab4cec5952793b20aa43e597098718ecda112ba4637fad4aefca3
b61ae0ed09fa41ccbcd2be5d8544f7f18cc230a9f0feb728477916e177583d38
b66d02bee6b2a7924be8c4e8b1b488214a3fc5232748c1f74a2af103796a6e04
b98982197b4016e5b97d9aec4b0ad7c19c26fa9218c3b6dcfab908db746c1dfb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c10ef063263d02c415ba92a7196cbc64e514a114dcdb5f6abff3f7e07b244253
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1269349b837b9ba0e806dd43652799c7f13964b55e1c1d2749ab5bef757300a
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c3440392178ac162b774b39cb745c5875ee11538159f505571f80caf8658eb32
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
cbe4e6e7cfa20bf6fe20de336b8e83ea4c6cf7e198842b578582b42518ce7a52
cc72de0f245622dcbe0041630fca90696289bfc68e48d32df0ef348e71c97710
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06587dd2e170068faddf2c5b9d860495d873efd1b7c23176e84ddf5282b9c37
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3079b3dd8d512ab44f560d9f3ed1b9a5113a4c0f7419e3674dc3d6fd60add81
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d741914920a9e5d10ec1aa397f528064ddba12e719eef55082f3d7398120dd63
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
dc38aede08e62b0d3eca05d5104766d07e9423895826589fb3b17fc03f6a1b1c
dea7fdea8bc13f2d8a65f79ea42af7bdf8fcde1538a64a79d5ef2069da769859
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
ea7f41b307c48cb26d1ba7144fe8dacffbf302b141f215217a49edca23501c46
ebfddb3e4e47eb00a0472027890d814d9f807f87138d308c7a15a0ebed22ee44
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee979f21f7ce25499f9d5dfae94f159acb26103e575eca9d827c04f3cc9529d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06e0277bef92622d48f4caef51cff7b4dd32b447a1c789aa65e168549e7ac8f
f19342be97ccffeeb596b9f058b89ca122374959d9244f19203d2c0ef9018cee
f2502cc2d4ee063cf2dd5600a484479ba0548cf3ab227c9f25e00201065d500a
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f5d63c2eddc1f908f26eb2cbd20fad669ef3e2a4e13542bf9b540e37bc72db17
f6c5104f1b12a782a5771bc1b99e5dad3ddc3c1c1e84f64b25f9a510c902b7a8
fad7e6ffd05ee5e470878f9f6b4832a1d01293ffad390da1ec014f12271f59da
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62