kichwahits.com Open in urlscan Pro
2a07:7800::183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kichwahits.com/
Effective URL:
https://kichwahits.com/
Submission: On October 06 via api (October 6th 2022, 10:15:03 am UTC) from SG — Scanned from GB

Summary HTTP 150 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 30 domains to perform 150 HTTP transactions. The main IP is 2a07:7800::183, located in United Kingdom and belongs to TWENTYI, GB. The main domain is kichwahits.com.
TLS certificate: Issued by R3 on September 4th 2022. Valid for: 3 months.

This is the only time kichwahits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2a07:7800::183 2a07:7800::183	48254 (TWENTYI) (TWENTYI)
9	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.212.54.194 34.212.54.194	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	78.46.33.196 78.46.33.196	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1 1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.216.77.36 23.216.77.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4001:c2b::78	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:68::a	15169 (GOOGLE) (GOOGLE)
1	23.216.77.25 23.216.77.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
150	53

10 2a07:7800::183 (United Kingdom) 1 redirects

ASN48254 (TWENTYI, GB)

kichwahits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.54.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-54-194.us-west-2.compute.amazonaws.com

seebait.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.33.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.33.46.78.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.77.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-36.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c2b::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:68::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5edns7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.77.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-25.deploy.static.akamaitechnologies.com

res-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	wp.com c0.wp.com — Cisco Umbrella Rank: 7898 stats.wp.com — Cisco Umbrella Rank: 3434 pixel.wp.com — Cisco Umbrella Rank: 2931 i0.wp.com — Cisco Umbrella Rank: 3762	152 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170	266 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 pubads.g.doubleclick.net — Cisco Umbrella Rank: 369 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	370 KB
11	media.net contextual.media.net — Cisco Umbrella Rank: 841 warp.media.net — Cisco Umbrella Rank: 3316 lg3.media.net — Cisco Umbrella Rank: 4956 hblg.media.net — Cisco Umbrella Rank: 2563	156 KB
11	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 334 cdn.adnxs.com — Cisco Umbrella Rank: 2086 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6511 acdn.adnxs.com — Cisco Umbrella Rank: 885	61 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	131 KB
10	kichwahits.com 1 redirects kichwahits.com	366 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 486 mug.criteo.com — Cisco Umbrella Rank: 1859 bidder.criteo.com — Cisco Umbrella Rank: 844	9 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1345 eus.rubiconproject.com — Cisco Umbrella Rank: 861 token.rubiconproject.com — Cisco Umbrella Rank: 1067 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2876	11 KB
3	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 39548	8 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	116 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5221 www.google.de — Cisco Umbrella Rank: 3460	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2144	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	189 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 789	58 KB
2	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2794 res-a.akamaihd.net — Cisco Umbrella Rank: 8176	25 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3070 cm.adform.net — Cisco Umbrella Rank: 2140	590 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2591	24 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 27953 static.a-ads.com — Cisco Umbrella Rank: 35660	50 KB
1	googlevideo.com rr5---sn-4g5edns7.googlevideo.com — Cisco Umbrella Rank: 62333
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1517	8 KB
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 39464	209 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	646 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5797	176 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 642	624 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 40145	142 KB
1	seebait.com seebait.com	3 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 311	8 KB
150	30

	Domain	Requested by
13	i0.wp.com	kichwahits.com
10	securepubads.g.doubleclick.net	kichwahits.com securepubads.g.doubleclick.net www.googletagservices.com
10	kichwahits.com	1 redirects kichwahits.com
9	tpc.googlesyndication.com	kichwahits.com 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	c0.wp.com	kichwahits.com
6	pagead2.googlesyndication.com	kichwahits.com pagead2.googlesyndication.com 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	contextual.media.net	stpd.cloud contextual.media.net kichwahits.com
5	www.gstatic.com	kichwahits.com 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
5	ib.adnxs.com	2 redirects stpd.cloud acdn.adnxs.com
4	fra1-ib.adnxs.com	stpd.cloud kichwahits.com cdn.adnxs.com
4	www.google.com	kichwahits.com tpc.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
3	lg3.media.net	kichwahits.com
3	prebid-stag.setupad.net	stpd.cloud kichwahits.com
3	www.googletagservices.com	kichwahits.com securepubads.g.doubleclick.net
3	mug.criteo.com	kichwahits.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	kichwahits.com www.googletagmanager.com
3	fonts.googleapis.com	kichwahits.com 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
2	static.criteo.net	stpd.cloud static.criteo.net
2	hblg.media.net	kichwahits.com
2	csi.gstatic.com	www.gstatic.com
2	eus.rubiconproject.com	kichwahits.com eus.rubiconproject.com
2	script.4dex.io	stpd.cloud script.4dex.io
2	907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	acdn.adnxs.com	stpd.cloud
1	res-a.akamaihd.net	kichwahits.com
1	rr5---sn-4g5edns7.googlevideo.com	907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
1	i1.ytimg.com	907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
1	cdn.adnxs.com	stpd.cloud
1	warp.media.net	stpd.cloud
1	qsearch-a.akamaihd.net	stpd.cloud
1	node.setupad.com	kichwahits.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	cm.adform.net	kichwahits.com
1	fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adx.adform.net	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	www.google.de	kichwahits.com
1	secure-assets.rubiconproject.com	1 redirects
1	id5-sync.com	stpd.cloud
1	stats.g.doubleclick.net	www.google-analytics.com
1	stpd.cloud	kichwahits.com
1	static.a-ads.com	ad.a-ads.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pubads.g.doubleclick.net	kichwahits.com
1	pixel.wp.com	kichwahits.com
1	ad.a-ads.com	kichwahits.com
1	seebait.com	kichwahits.com
1	stats.wp.com	kichwahits.com
1	cdn.ampproject.org	kichwahits.com
150	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
instagram.com
vk.com
slyvermusic.com

Subject Issuer	Validity	Valid
*.kichwahits.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
seebait.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
*.stpd.cloud E1	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
node.setupad.com R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-20` - `2022-11-29`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://kichwahits.com/
Frame ID: 524499F1579E9DB5F703C006A5A6466B
Requests: 62 HTTP requests in this frame

Frame: https://ad.a-ads.com/1717641?size=728x90
Frame ID: 33F4FB462BD467CA11672754B9999607
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: A8E79C8DDEE762BDF3B393B483FC7A63
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 988A1C17EDC16221CD88ABA4A7B1D67B
Requests: 24 HTTP requests in this frame

Frame: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 489E3760AC0EDAFEC72CD5E667FD1E62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: E3A776F0EC4A0B3E41CAB61B85564AD3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2295251696792504&output=html&adk=1812271804&adf=3025194257&lmt=1665051298&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkichwahits.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665051298070&bpp=3&bdt=807&idt=469&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8616741591657&frm=20&pv=2&ga_vid=1960934497.1665051298&ga_sid=1665051298&ga_hid=879780389&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770881%2C31062930&oid=2&pvsid=401815053796341&tmod=2050638576&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=482
Frame ID: 214987CC4F2A424BFB62513137249161
Requests: 1 HTTP requests in this frame

Frame: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F2CBFBC85748F67DE4B13A3E71AC8DE
Requests: 5 HTTP requests in this frame

Frame: https://fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6CC54B4CCA50775117F147B1730F0603
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/de17d2874496eb5aa5ae962212bd52f2.js?tag=client_fast_engine_2019
Frame ID: 8772C54497E7AFC377879A02E303012B
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmxkf0_G2fa83buO5RsNtb8n_yDHnxk2Rdo9rnQzDNAgDbOXQRI6RPo2_XvB44_uhBnc_HHgdCTmfzNURco3IUfgy-k-2TMP-I9raguU3zT_T0wtM-CRe6EKxIGyswA6VSO-LdrsbP5SUpF5RWmXegjmLMtv5rDRuCAIvMbBJGvLpAK6M4Ie_iaQrexPOPwDU5milK2FgU7-Aiksx6LH78RzpA-3Qpsx8x9i8awV2y4BMUxTooQboovWglZrOCnrabo8pLZOQxHZWL_dx0siqzrHoZ4X1z7PsDJ3Wv57LN-owV5TeEMqO9aGPTdz8JMEccX003TrXVV4RUhZ1mqKfl-nN2LKQmnwb6jA&sai=AMfl-YQnr2hyfO1hvFufIU9HzEng4aJHdLek_hwVnwxGG22pC-qnXnl1wdAZhujeQB50SuAjz1Vj4qnmg381NXGakxQ_aFjRo_Amml-QiWc_KXIFTs90o34mc1ijOLEGJJus&sig=Cg0ArKJSzOshGvA0dD2rEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 46B836A493736D19C7FCF48D5A86597B
Requests: 18 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 99BF6992E21D7E50358280E715EB5171
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1496D07F8A037A10F5966933D9D51272
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 70A9A0B2896154F871D18E2852400CCD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: D86980FAE02904105D675A30A40B7E47
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D4C7CCFFD1275F16A318977D78193642
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 88CF045962EECF3EFECE383EFBC24C4B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kichwahits.com
Frame ID: B4E701A6DB20089CB50784DF17883AFE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B03A323F01F64945E24D2B9950D1A5B0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6533734A3A01BBD8EB2FE30B0CD3F0F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B680390CE25065CFED0DA0B607AFFADE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7206DD6BC274C415F6013A4B4B107A1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home — kichwahits

Page URL History Show full URLs

http://kichwahits.com/ HTTP 301
https://kichwahits.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

150
Requests

97 %
HTTPS

54 %
IPv6

30
Domains

58
Subdomains

53
IPs

7
Countries

2178 kB
Transfer

8880 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/
Title: Google Plus

Search URL Search Domain Scan URL

URL: http://instagram.com/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://vk.com/
Title: VK

Search URL Search Domain Scan URL

URL: https://slyvermusic.com/
Title: slyvermusic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kichwahits.com/ HTTP 301
https://kichwahits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkichwahits.com%2F&domain=kichwahits.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=nDNj73w2dGNIN2tOMk1URGRlbkhLbk9rb2o0VVpWWE1LZ1hPbTV0Y0dNVnRMempOS29ia05HU21lY29IT0ltaUF6Qlh4ejNZaFNiTFVLckRSdXR2WEVMWk8wSVJOY0xPcHlaN25mQlFrakZDQW5VSjRUMklINUlWbE1tUG96ZE9DMkpXZEZPcXJFUGQ1NkdSZm5XaUN3cjJHOVBmeFBMeUx6dWJQb2Z4UnZ3S0JTMzNJWFFVSnpWVEVrcTV3L3BDWWdJOEFHQmE3RWFFNmEwRThUT2tjQ0tCdXNwYWVyRVVFM2hFY3NTMXhncmIvbXkwPXw&cppv=2

Request Chain 68

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 80

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=410857496921411902

Request Chain 146

https://gum.criteo.com/sid/json?origin=publishertag&domain=kichwahits.com&sn=ChromeSyncframe&so=3&topUrl=kichwahits.com&bundle=zxTYfF9ONnJKJTJGUHVHdFl0V1JDeVI3OFQlMkJnJTJGcVdaa04lMkZJZFpMbjQ3Q0Y2bXFzR09CMUNCSUxXb1RDbmUlMkZ3OFl2WUxCWmZHaTRQQXJ3bmQ0ZktKdXc4cTVqaHFFRE1zdEFYSFRDeDd6NWxoWU5TTXB2aXZUJTJCS3dmTTE0SFFzdXpaJTJGdWV3&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=vIUcanxFYTg5bTUrR1FrMlpwVUpqOWQxVEREZnBPRDJYSkxnUVhSM3pwVXBYdHNzeWlHMk12TGFuQkU2QzlaREljbU1zTTBLb1NkVXlGNGozaThyeUI4NHRhNkJnU1JFek92MlZTMlNqTDBtUXFyY0dNSVIxbExLNnc0NUhaVldLZFNCUUdrZ2JpbTVBUFZXRlVadTNiRUZYTHF6Y254ZkFYdWpVeW1uSCtrL2o1aHBQMTBvWVlMVXhQQzRpdHA4c0liR1laNUtpcTFnaGgyQTh4bDQ4VE95eWtDQ0I5aERjMFJBTXVhZDRBUVdkMHJDQ2xZS2t5a1F5ZnEvM01INGFNZzhRTWFTY2IwQXNISmlXWmNUZkx1Snh6eG81Wk5TTjk3bjYvOWJIVUdaZWF5cz18&cppv=2

150 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kichwahits.com/
Redirect Chain

http://kichwahits.com/
https://kichwahits.com/

267 KB
60 KB

1299ms
1198ms

Document
text/html

2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache / PHP/8.1.11
Resource Hash: a93ec9d032873d9bbdf0816f365e7489b0ad71f4dc4a3b03999f0233e411a590

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 10:14:54 GMT
link: <https://kichwahits.com/wp-json/>; rel="https://api.w.org/", <https://kichwahits.com/wp-json/wp/v2/pages/5141>; rel="alternate"; type="application/json", <https://kichwahits.com/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: Apache
vary: Accept-Encoding Accept-Encoding
x-cdn-cache-status: MISS
x-origin-cache-status: MISS
x-pingback: https://kichwahits.com/xmlrpc.php
x-powered-by: PHP/8.1.11
x-provided-by: StackCDN StackCDN
x-via: AMS1

Redirect headers

content-length: 0
date: Thu, 06 Oct 2022 10:14:54 GMT
location: https://kichwahits.com/
x-cdn-cache-status: EXPIRED
x-via: AMS1

GET
H2 200 style.min.css
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/ 87 KB
11 KB 181ms
45ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/ 11 KB
2 KB 182ms
46ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/ 4 KB
1 KB 184ms
49ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 302ms
97ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CLato%3A400%2C700%7COpen+Sans+Condensed%3A400%2C700&subset=latin%2Clatin-ext&ver=2.9.8

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

110af8da341940fa6e86d4033d4cad1dfb1877faff91108bd7191ed683623b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 10:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 min.css
kichwahits.com/wp-content/themes/voice/assets/css/ 169 KB
42 KB 97ms
49ms Stylesheet
text/css 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.8
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: b07871f016581e9d6d67632bc54ced898fa19754c3a1f3ebb46360f77bcb4545

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 May 2022 19:18:07 GMT
server: Apache
etag: W/"2a426-5ddf822add9c0"
x-cdn-cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 11:05:28 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.4/css/ 84 KB
15 KB 183ms
50ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.4/css/jetpack.css

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ 87 KB
30 KB 183ms
51ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.0.2/wp-includes/js/jquery/ 11 KB
4 KB 183ms
52ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 255ms
136ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-97CF6J75T1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6fa51d93e1bdcd773bb670be3adbef42cedc2356189713e764c4210b60fe55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
54 KB 328ms
158ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295251696792504

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea36e9104604853976b38e5a3af59c3ef656fd3a83a6ad63fb4c8ec498eee18e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54526
x-xss-protection: 0
server: cafe
etag: 7975834391465565321
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 292ms
109ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8699f6252d0f9c04a5a4a6df0a16df02fcf635b0ebe61fa573d8daf53cfed14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27682
x-xss-protection: 0
server: sffe
etag: "1355 / 592 of 1000 / last-modified: 1665045782"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 185ms
66ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166828061-1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb23ca48964bdd054c7dfaaab6e417c5d1aa77c2665406bbb4354a9cd94edf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42388
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 327ms
134ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 10:14:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7571
x-xss-protection: 0
server: sffe
etag: "87d590c66fd5781f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 KICHWAHITS-LOGO-04-1.png
kichwahits.com/wp-content/uploads/2022/01/ 138 KB
138 KB 62ms
60ms Image
image/png 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kichwahits.com/wp-content/uploads/2022/01/KICHWAHITS-LOGO-04-1.png
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17d11d49ce496e8eaa2167d6a7ac368975a09ff6dabf13aa8ded46aaa57fb20a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 May 2022 19:18:41 GMT
server: Apache
etag: "2267f-5ddf824b4a640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: AMS1
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 140927
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 12:04:56 GMT

GET
H2 200 wp-emoji-release.min.js Show response
kichwahits.com/wp-includes/js/ 18 KB
6 KB 122ms
120ms Script
application/x-javascript 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Jun 2022 16:07:37 GMT
server: Apache
etag: W/"48b9-5e08d523435e5"
x-cdn-cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 10:06:28 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/11.4/_inc/build/photon/ 685 B
371 B 44ms
44ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.4/_inc/build/photon/photon.min.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 imagesloaded.min.js Show response
c0.wp.com/c/6.0.2/wp-includes/js/ 5 KB
2 KB 46ms
44ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/imagesloaded.min.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 min.js Show response
kichwahits.com/wp-content/themes/voice/assets/js/ 100 KB
35 KB 55ms
49ms Script
application/x-javascript 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/themes/voice/assets/js/min.js?ver=2.9.8
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: 596b4aabca01ac591c9a7d2b2d8c4893d5ebb36609405574c66c56a32e816ead

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 May 2022 19:18:07 GMT
server: Apache
etag: W/"190fe-5ddf822add9c0"
x-cdn-cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 15:31:05 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/6.0.2/wp-includes/js/ 3 KB
1 KB 50ms
43ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.2/wp-includes/js/comment-reply.min.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:14:57 GMT

GET
H2 200 intersection-observer.js Show response
kichwahits.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 126ms
120ms Script
application/x-javascript 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Oct 2022 03:31:56 GMT
server: Apache
etag: W/"2317-5ea4137f7602e"
x-cdn-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Fri, 06 Oct 2023 09:06:29 GMT

GET
H2 200 lazy-images.js Show response
kichwahits.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 125ms
119ms Script
application/x-javascript 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Oct 2022 03:31:56 GMT
server: Apache
etag: W/"93e-5ea4137f7508e"
x-cdn-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Fri, 06 Oct 2023 09:06:29 GMT

GET
H2 200 smush-lazy-load.min.js Show response
kichwahits.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 125ms
121ms Script
application/x-javascript 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 06:28:38 GMT
server: Apache
etag: W/"1eee-5e6e2acb44b17"
x-cdn-cache-status: HIT
vary: Accept-Encoding
content-type: application/x-javascript
x-via: AMS1
cache-control: max-age=31536000
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 15:31:05 GMT

GET
H2 200 e-202240.js Show response
stats.wp.com/ 9 KB
3 KB 141ms
44ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202240.js
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT lhr
date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 24 Sep 2023 23:05:30 GMT

GET
H/1.1 200
OK serve.js Show response
seebait.com/server-scripts/ 7 KB
3 KB 661ms
209ms Script
application/javascript 34.212.54.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seebait.com/server-scripts/serve.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.212.54.194 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-54-194.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a8314e357a40693948a0bc20c7403b5f7a2dff61e880171fc9f4e81c9bd069af

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 10:14:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Oct 2018 10:53:02 GMT
Server: Apache
ETag: "1bb6-578f74a475f80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: close
Accept-Ranges: bytes
Content-Length: 2708
X-XSS-Protection: 1; mode=block
Expires: Sat, 08 Oct 2022 10:14:58 GMT

GET
DATA 200
OK truncated Show response
/ Frame 33F4 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: image/gif

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 170ms
55ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CLato%3A400%2C700%7COpen+Sans+Condensed%3A400%2C700&subset=latin%2Clatin-ext&ver=2.9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:52:55 GMT
x-content-type-options: nosniff
age: 228122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:52:55 GMT

GET
H2 200 fontawesome-webfont.woff2
kichwahits.com/wp-content/themes/voice/assets/css/fonts/ 75 KB
76 KB 118ms
117ms Font
application/font-woff2 2a07:7800::183
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://kichwahits.com/wp-content/themes/voice/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:7800::183 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://kichwahits.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.8
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:54 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 01 May 2022 19:18:07 GMT
server: Apache
etag: "12d68-5ddf822add9c0"
x-cdn-cache-status: HIT
vary: Accept-Encoding
content-type: application/font-woff2
x-via: AMS1
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 77160
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Thu, 07 Sep 2023 12:04:56 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 183ms
68ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CLato%3A400%2C700%7COpen+Sans+Condensed%3A400%2C700&subset=latin%2Clatin-ext&ver=2.9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:54:59 GMT
x-content-type-options: nosniff
age: 202798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 01:54:59 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 230ms
118ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CLato%3A400%2C700%7COpen+Sans+Condensed%3A400%2C700&subset=latin%2Clatin-ext&ver=2.9.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 148063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 17:07:14 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1717641 Show response
ad.a-ads.com/ Frame 33F4 12 KB
5 KB 209ms
72ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1717641?size=728x90

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.11.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

6e4c8d09e90b71e0cac3498a7d5667b20642f2639e81584563cc8dbe2556d812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 06 Oct 2022 10:14:57 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://kichwahits.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 50ms
44ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=178293279&post=5141&tz=3&srv=kichwahits.com&host=kichwahits.com&ref=&fcp=1821&rand=0.3762716331093421
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 Oct 2022 10:14:57 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
14 KB 272ms
131ms XHR
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22639133039/kichwahits.com_320x100_mobile_sticky_DFP&sz=320x50%7C320x100&t=Placement_type%3Dserving&1665051297769

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81bd8e4d1b71512b29e577070d750d7c576a87d9fb044da773e9c8572698c552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13150
x-xss-protection: 0
google-lineitem-id: 5815167588
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368603404
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MP3-DOWNLOAD-Zuchu-Kwikwi.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/ 4 KB
4 KB 152ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Zuchu-Kwikwi.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

65c304ddadef0e121b2fb751e08f7108e8128a01bfd40ab106f8370e75fac44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 6
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:41 GMT
server: nginx
etag: "3df2ca83925bc0e2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Zuchu-Kwikwi.jpg>; rel="canonical"
content-length: 3608
expires: Sat, 05 Oct 2024 21:07:41 GMT

GET
H2 200 a4.png
i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/ 25 KB
25 KB 152ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/a4.png?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d77e2a39cd4508a3bbd54ec697baeea0e168bbf42ddcf0fb341b7df42bc37a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 8
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:42 GMT
server: nginx
etag: "514f27b0f7234afb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/09/a4.png>; rel="canonical"
content-length: 25470
expires: Sat, 05 Oct 2024 21:07:42 GMT

GET
H2 200 MP3-DOWNLOAD-Harmonize-Ft-Abigail-Chams-%E2%80%93-Leave-Me-Alone.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/ 4 KB
4 KB 210ms
113ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Harmonize-Ft-Abigail-Chams-%E2%80%93-Leave-Me-Alone.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d96184760f3ef2005e1d579d6ef415ce137852f99847810017a50171bda5941b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 6
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:42 GMT
server: nginx
etag: "93a63f5837d6388f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Harmonize-Ft-Abigail-Chams-%E2%80%93-Leave-Me-Alone.jpg>; rel="canonical"
content-length: 3948
expires: Sat, 05 Oct 2024 21:07:42 GMT

GET
H2 200 MP3-DOWNLOAD-Zuchu-Ft-Adekunle-Gold-Love.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/ 4 KB
4 KB 201ms
110ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Zuchu-Ft-Adekunle-Gold-Love.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a6d56f9358098424c02927eb86bf8b24a3ef30cbbd3bd7abcc46b9772469eff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:41 GMT
server: nginx
etag: "d4bb8a044e5855f0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Zuchu-Ft-Adekunle-Gold-Love.jpg>; rel="canonical"
content-length: 4056
expires: Sat, 05 Oct 2024 21:07:41 GMT

GET
H2 200 MP3-DOWNLOAD-Patoranking-Ft-Diamond-Platnumz-%E2%80%93-Kolo-Kolo.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/ 4 KB
4 KB 136ms
105ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Patoranking-Ft-Diamond-Platnumz-%E2%80%93-Kolo-Kolo.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a817c49ca3d3dbdaa12b1480d74427629f192f335b52d55833e92d63ecb9a7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 4
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:42 GMT
server: nginx
etag: "3419356fa1466e87"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/09/MP3-DOWNLOAD-Patoranking-Ft-Diamond-Platnumz-%E2%80%93-Kolo-Kolo.jpg>; rel="canonical"
content-length: 4272
expires: Sat, 05 Oct 2024 21:07:42 GMT

GET
H2 200 A2.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/ 3 KB
3 KB 85ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/09/A2.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5db0ce0488729c2747c705f170759f62f24161a5edd8cb15f5b024c745037af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 5
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:41 GMT
server: nginx
etag: "7cf9ce3816de5f0e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/09/A2.jpg>; rel="canonical"
content-length: 3090
expires: Sat, 05 Oct 2024 21:07:41 GMT

GET
H2 200 MP3-DOWNLOAD-Barakah-The-Prince-Ft-Joh-Makini-Permanent-Love.webp
i0.wp.com/kichwahits.com/wp-content/uploads/2019/09/ 2 KB
2 KB 85ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2019/09/MP3-DOWNLOAD-Barakah-The-Prince-Ft-Joh-Makini-Permanent-Love.webp?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

11c3c038b5a1c099cc28bd4daacac1dc9e97e2dac3279ef1007b429c595f8326

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 4
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:06:55 GMT
server: nginx
etag: "ea8dbb8a2e6e0cb3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2019/09/MP3-DOWNLOAD-Barakah-The-Prince-Ft-Joh-Makini-Permanent-Love.webp>; rel="canonical"
content-length: 2166
expires: Sat, 05 Oct 2024 21:06:55 GMT

GET
H2 200 MP3-DOWNLOAD-Ommy-Dimpoz-Vacation.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2019/07/ 3 KB
3 KB 85ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2019/07/MP3-DOWNLOAD-Ommy-Dimpoz-Vacation.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9b57e4fc6908a178f5dbf7010660fadd920aa0e097d81d778d38371e98d4544d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 4
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:06:55 GMT
server: nginx
etag: "063829e1d861b342"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2019/07/MP3-DOWNLOAD-Ommy-Dimpoz-Vacation.jpg>; rel="canonical"
content-length: 3118
expires: Sat, 05 Oct 2024 21:06:55 GMT

GET
H2 200 AUDIO-Fid-Q-%E2%80%93-KitaaOLOJIA-Album-MP3-DOWNLOAD.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2018/11/ 4 KB
4 KB 85ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2018/11/AUDIO-Fid-Q-%E2%80%93-KitaaOLOJIA-Album-MP3-DOWNLOAD.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

782d5f3a6762a6193acd44d89fb3b45f4ec3728c418f49123facaf2795f5e8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:45 GMT
server: nginx
etag: "d3e6390e02cbf938"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2018/11/AUDIO-Fid-Q-%E2%80%93-KitaaOLOJIA-Album-MP3-DOWNLOAD.jpg>; rel="canonical"
content-length: 3850
expires: Sat, 05 Oct 2024 21:07:45 GMT

GET
H2 200 AUDIO-Dj-Seven-Worldwide-Greatness-MP3-DOWNLOAD.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/ 2 KB
2 KB 86ms
85ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/AUDIO-Dj-Seven-Worldwide-Greatness-MP3-DOWNLOAD.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

85b78eb9a8f7934543014d1ecce59b347ac8f018865d16eef5e117e2af291632

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 6
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:00 GMT
server: nginx
etag: "5afb9fec28edaa86"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/10/AUDIO-Dj-Seven-Worldwide-Greatness-MP3-DOWNLOAD.jpg>; rel="canonical"
content-length: 2210
expires: Sat, 05 Oct 2024 21:07:00 GMT

GET
H2 200 DOWNLOAD-MP3-Mabantu-ft-Young-Lunya-Sponsa.png
i0.wp.com/kichwahits.com/wp-content/uploads/2020/08/ 18 KB
18 KB 110ms
109ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2020/08/DOWNLOAD-MP3-Mabantu-ft-Young-Lunya-Sponsa.png?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8849fb0792161c13cac157ab2c2d86171f9d83c0fd9702eba3dc87c54292ead4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:20 GMT
server: nginx
etag: "111b203ee0df80cf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2020/08/DOWNLOAD-MP3-Mabantu-ft-Young-Lunya-Sponsa.png>; rel="canonical"
content-length: 18434
expires: Sat, 05 Oct 2024 21:07:20 GMT

GET
H2 200 MP3-DOWNLOAD-Rosa-Ree-Gigy-Money-Emergency.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/ 4 KB
4 KB 86ms
85ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Rosa-Ree-Gigy-Money-Emergency.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d95695a8870551e408a0bf064e619baaf4e5c962477ee91fcfa9b7175f038124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 1
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:20 GMT
server: nginx
etag: "863b1726cc5d7ca3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Rosa-Ree-Gigy-Money-Emergency.jpg>; rel="canonical"
content-length: 3966
expires: Sat, 05 Oct 2024 21:07:20 GMT

GET
H2 200 MP3-DOWNLOAD-Bahati-Mambo-ya-Mhesh.jpg
i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/ 4 KB
4 KB 85ms
84ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Bahati-Mambo-ya-Mhesh.jpg?resize=145%2C100&ssl=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8535cb4ba0762c98ceca3ddf1a2143d87640fa8ac986760603b987ce140ca7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Thu, 06 Oct 2022 10:14:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2022 09:07:20 GMT
server: nginx
etag: "aa326c3d89982d53"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://kichwahits.com/wp-content/uploads/2022/10/MP3-DOWNLOAD-Bahati-Mambo-ya-Mhesh.jpg>; rel="canonical"
content-length: 3650
expires: Sat, 05 Oct 2024 21:07:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 74ms
72ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-97CF6J75T1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166828061-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

627aa807c03120678cf176e47c14684c71b6e7455612cbf82a7188ca7205948b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 06 Oct 2022 10:14:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166828061-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 09:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3541
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 06 Oct 2022 11:15:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 178ms
62ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-97CF6J75T1&gtm=2oea50&_p=879780389&gdid=dZTNiMT&cid=1960934497.1665051298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665051297&sct=1&seg=0&dl=https%3A%2F%2Fkichwahits.com%2F&dt=Home%20%E2%80%94%20kichwahits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-97CF6J75T1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/417660/ Frame 33F4 45 KB
46 KB 75ms
59ms Image
image/png 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/417660/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1717641?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.33.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 9fbfbf0ef73cea7306ed56d6d5407c2624c87f25c16f269c2c77c511d256b1a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
x-amz-version-id: cxNH08l_wUQ5f3lNvaG6BSLKM0_tY1fJ
last-modified: Mon, 26 Sep 2022 09:29:28 GMT
server: nginx
x-amz-request-id: 7E0ZS72JG54E6NKH
etag: "b06fe5df6bd230c0f3ff8f24bc1ab611"
content-type: image/png
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 46236
x-amz-id-2: uBDHRhjD5c/kz239WrX9GT3LQ2z4zqOSL5ZgRPxiu8FVXT0CJfGQBOV9CFAcYXq4n+p1hW3rRTM=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 33F4 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 218ms
72ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 10:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130906
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Oct 2023 10:30:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
104 B 241ms
95ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kichwahits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e23d3522fac3c8a96597dd3fa0e247c90ae6d4edd086324f60e6461d6f22d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Thu, 06 Oct 2022 10:14:58 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 289ms
143ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295251696792504&plah=kichwahits.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295251696792504

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b24557f61bcba5932dd1faa2b2474940b810969cbcb51548309dc3f194b63640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117225
x-xss-protection: 0
server: cafe
etag: 16370210684008904509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 10:14:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame A8E7 10 KB
5 KB 353ms
72ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2295251696792504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 17923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 05:16:15 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 05:16:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 988A 461 KB
142 KB 191ms
77ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: /FnTyG7mivuubIGMmM4B7Q==
age: 6788
x-ms-lease-status: unlocked
last-modified: Wed, 05 Oct 2022 06:19:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0e3f5c92-b01e-0019-5082-d87f2c000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 755da215ed15e68c-LHR
expires: Thu, 06 Oct 2022 14:14:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 169ms
60ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=879780389&t=pageview&_s=1&dl=https%3A%2F%2Fkichwahits.com%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%94%20kichwahits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1500800631&gjid=1125992620&cid=1960934497.1665051298&tid=UA-166828061-1&_gid=1310635677.1665051298&_r=1&gtm=2oua50&did=dZTNiMT&gdid=dZTNiMT&z=1884800657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 181ms
70ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-166828061-1&cid=1960934497.1665051298&jid=1500800631&gjid=1125992620&_gid=1310635677.1665051298&_u=YADAAUAAAAAAACAAI~&z=581870193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 10:14:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 178ms
62ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kichwahits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 178ms
63ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kichwahits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
44 KB 489ms
489ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=401815053796341&correlator=2325067654489672&eid=31060437%2C31069353%2C31068367%2C31062930&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=147246189%3A22639133039%2Ckichwahits.com_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2566641203&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1665051298402&lmt=1665051298&dlt=1665051297263&idt=1114&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkichwahits.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1960934497.1665051298&ga_sid=1665051298&ga_hid=879780389&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b33a310ce7b234b8c03c8fb4246f06cc3814297a9fd366065bd4e19f15ebd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45447
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 489E 6 KB
4 KB 209ms
62ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:14:58 GMT
expires: Fri, 06 Oct 2023 10:14:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 72ms
72ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beeefb3d8f734852db26323e9e0716529366f4421236c3b357076488155e6cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 10:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13928
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Oct 2023 10:42:53 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 198ms
66ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkichwahits.com%2F&domain=kichwahits.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kichwahits.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 06 Oct 2022 10:14:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 594623
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 988A 483 B
867 B 167ms
68ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
x-amz-version-id: 1664789525099463
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txc469eb0e32f448ef8851f-00633aac4d
age: 261717
x-amz-id-2: txc469eb0e32f448ef8851f-00633aac4d
last-modified: Mon, 03 Oct 2022 09:32:05 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rwwp8llSM%2FtLbKE8B87jkZHIoy6LpMI6wPtxvKye9C0C9jfSnvt14Z7TW1heLUYMc5JYgYp%2FybnGvUHCtPdn7gcTMHl3JgnVbXAx7waaYXGeVwonsH3bQUl8KprQVhOFF6%2BMRqqDoFn1Dyo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 755da21808e875a9-LHR

GET
H2

200

sid Show response
mug.criteo.com/ Frame 988A
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkichwahits.com%2F&domain=kichwahits.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=nDNj73w2dGNIN2tOMk1URGRlbkhLbk9rb2o0VVpWWE1LZ1hPbTV0Y0dNVnRMempOS29ia05HU21lY29IT0ltaUF6Qlh4ejNZaFNiTFVLckRSdXR2WEVMWk8wSVJOY0xPcHlaN25mQlFrakZDQW5VSjRUMklINUlWbE1tUG...

375 B
657 B

192ms
68ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nDNj73w2dGNIN2tOMk1URGRlbkhLbk9rb2o0VVpWWE1LZ1hPbTV0Y0dNVnRMempOS29ia05HU21lY29IT0ltaUF6Qlh4ejNZaFNiTFVLckRSdXR2WEVMWk8wSVJOY0xPcHlaN25mQlFrakZDQW5VSjRUMklINUlWbE1tUG96ZE9DMkpXZEZPcXJFUGQ1NkdSZm5XaUN3cjJHOVBmeFBMeUx6dWJQb2Z4UnZ3S0JTMzNJWFFVSnpWVEVrcTV3L3BDWWdJOEFHQmE3RWFFNmEwRThUT2tjQ0tCdXNwYWVyRVVFM2hFY3NTMXhncmIvbXkwPXw&cppv=2

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3066e720053d64bfcf38d64e28fe1a5436e4309efa9afeaf88709035f954aefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1485576
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=nDNj73w2dGNIN2tOMk1URGRlbkhLbk9rb2o0VVpWWE1LZ1hPbTV0Y0dNVnRMempOS29ia05HU21lY29IT0ltaUF6Qlh4ejNZaFNiTFVLckRSdXR2WEVMWk8wSVJOY0xPcHlaN25mQlFrakZDQW5VSjRUMklINUlWbE1tUG96ZE9DMkpXZEZPcXJFUGQ1NkdSZm5XaUN3cjJHOVBmeFBMeUx6dWJQb2Z4UnZ3S0JTMzNJWFFVSnpWVEVrcTV3L3BDWWdJOEFHQmE3RWFFNmEwRThUT2tjQ0tCdXNwYWVyRVVFM2hFY3NTMXhncmIvbXkwPXw&cppv=2
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 664381
content-length: 0
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 988A 216 B
624 B 191ms
62ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

ed41a0ec0e4c3cfca725790410e69259d1d30c07fb91c789f1485fb87d0f4eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kichwahits.com
date: Thu, 06 Oct 2022 10:14:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 988A 79 KB
28 KB 284ms
104ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8699f6252d0f9c04a5a4a6df0a16df02fcf635b0ebe61fa573d8daf53cfed14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27682
x-xss-protection: 0
server: sffe
etag: "1355 / 948 of 1000 / last-modified: 1665045782"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Oct 2022 10:14:58 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E3A7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
573 B

187ms
54ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Oct 2022 10:14:58 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 06 Oct 2022 10:14:58 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 274ms
109ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-166828061-1&cid=1960934497.1665051298&jid=1500800631&_u=YADAAUAAAAAAACAAI~&z=1048538303

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 199ms
81ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-166828061-1&cid=1960934497.1665051298&jid=1500800631&_u=YADAAUAAAAAAACAAI~&z=1048538303

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 988A 482 B
758 B 182ms
81ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be038188cb8dce26d14376e53ec0ec8b14e14cc7bc4e6e37e2801df145f81280

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8%2BltxLniwlnrGYmpu1cg3N5RYhFORabR3qn6k%2BIlJ7oBF13IO91wp9XmDOkPV45ExCSRAxqRwQzSCXWBSBOiG3%2FsAZ0bWQUkXyqnMTS630G6vPmO%2FzpGUOk%2BrtM8bgRy1J4UhVw7dORLgFGsdkw2Nn3pHFW"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 755da2187e4c88bf-LHR
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 988A 16 KB
7 KB 382ms
282ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4310187ac42700417f9d7f5cd7fe49d41412cb478bb1cc07d5c2845501ce1528

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bptWJqI5s5ZUwlAT%2FgWXtnJjSiv08OV3FJfB5E3d9Ns1ggqbJIu6dk2hjExPX7B6O3lzkq9mLpPOZJLiMv3pdo4CzrXgCGmfvpvnRH%2F%2FXL7Q4JMERnJD2XHQ9%2FN%2F7MYI29PxLJTziHdgyFSsZi4FjYicBJBo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 755da2187e5088bf-LHR
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 988A 0
216 B 164ms
54ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=18519580792

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Oct 2022 10:14:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://kichwahits.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 988A 0
176 B 154ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kichwahits.com
date: Thu, 06 Oct 2022 10:14:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 988A 16 KB
8 KB 277ms
156ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e1b797d8e38aa00ee3ced13e03fb5febe94be0f9ddb7da6f585d69944915463f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Oct 2022 10:14:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f281f125-1d94-4dc3-b852-238497060614
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kichwahits.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 988A 5 B
484 B 357ms
183ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExNzc5MTkmdHJhbnNhY3Rpb25JZD00ZjZiZGU1ZS0yODU4LTQ1ZDMtYTdkMS04NWQyMzViZDdiYzQ%3D&pt=gross&stid=91b58b35-2c41-41cb-86b7-f28d7af576cb&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjNiNjUyMzkxLWE0ODEtNGIzYy1iMzlhLTFkOGQ3OTlhMWQ5ZiI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://kichwahits.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 262ms
95ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kichwahits.com&callback=_gfp_s_&client=ca-pub-2295251696792504

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2295251696792504&plah=kichwahits.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5343a51ce3c85e28ee47b28b3be5820d1e5617adbf33bb1fb30ac04f4e0f44bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2149 603 B
68 B 267ms
120ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2295251696792504&output=html&adk=1812271804&adf=3025194257&lmt=1665051298&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkichwahits.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665051298070&bpp=3&bdt=807&idt=469&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8616741591657&frm=20&pv=2&ga_vid=1960934497.1665051298&ga_sid=1665051298&ga_hid=879780389&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770881%2C31062930&oid=2&pvsid=401815053796341&tmod=2050638576&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=482

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:14:58 GMT
expires: Thu, 06 Oct 2022 10:14:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 988A 73 KB
23 KB 144ms
56ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add45fdd8fbc8afe60d4a7c399a00990bdd1439f5a9b5002413bcc98acf6251d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
x-amz-version-id: 1664789524544165
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx79943d08399647ea84f6f-00633aac5a
age: 261655
x-amz-id-2: tx79943d08399647ea84f6f-00633aac5a
last-modified: Mon, 03 Oct 2022 09:32:04 GMT
server: cloudflare
etag: W/"60065ce00862bc7ec608e62f1deac544"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqM5AUIUJ3OR9sP3WdAAwb2KQ8AmPSV8kTda7jSHvezbd1EjRCdUP5aqitiO5CsJ7aV4l%2BPD5%2BjuTeBf37XpkTgYV9G9DlsQKUTlSrRoWi3ve8VxZLmtmfGZ1v5w6kXPnCN%2FfqzyvyGl3ZQK"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 755da2190ca371b6-LHR
access-control-allow-headers: Authorization

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 988A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=410857496921411902

36 B
36 B

82ms
81ms

Image
text/plain

2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=410857496921411902
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:14:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjPVLSSxZjtFH63yh4Z8UMfVADeQskPkklWJVzyUj%2FA%2BYXJOyPumpg928ZnJbxe2WgPwtFlHoG%2B9OtxAmQUzs1q22ztN1vCxGl6QIpAbjmE1HU6c6qgc%2BPgwUXgvWEw9rO%2Bau8jyiWgIOWNWNdVYr3J4szVm"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 755da21aaa5f88bf-LHR
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:14:58 GMT
AN-X-Request-Uuid: 627b4fb9-e18d-4b8e-a939-fbf65343144f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=410857496921411902
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pubads_impl_2022100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 988A 379 KB
128 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 10:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130906
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 03 Oct 2023 10:30:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 988A 95 B
104 B 96ms
96ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kichwahits.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e23d3522fac3c8a96597dd3fa0e247c90ae6d4edd086324f60e6461d6f22d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Thu, 06 Oct 2022 10:14:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E3A7 31 KB
10 KB 62ms
62ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 10:14:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32560
Connection: keep-alive
Content-Length: 9421
Expires: Thu, 06 Oct 2022 19:17:38 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 203ms
66ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 06 Oct 2022 10:14:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 602745
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 container.html Show response
907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F2C 6 KB
3 KB 163ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:14:58 GMT
expires: Fri, 06 Oct 2023 10:14:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E3A7 284 B
536 B 249ms
56ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 988A 107 B
122 B 242ms
95ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kichwahits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 988A 107 B
122 B 176ms
66ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kichwahits.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 988A 20 KB
9 KB 446ms
445ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3488415393331743&correlator=3606722709191390&eid=21065725&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=147246189%3A22639133039%2Ckichwahits.com_320x100_mobile_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50&ifi=1&adks=2676038133&sfv=1-0-38&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D320x100%26hb_pb%3D0.06%26hb_adid%3D137c7ef8a4296e6%26hb_bidder%3Dappnexus&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D673df354cd7c7309-22407fe33cce0097%3AT%3D1665051298%3AS%3DALNI_MYuJegeVTbf5WGFgE2xe_evmf5h_Q&arp=1&abxe=1&dt=1665051299001&dlt=1665051298087&idt=901&adxs=0&adys=2512&biw=1600&bih=1200&isw=320&ish=150&scr_x=0&scr_y=0&btvi=1&ucis=qha0utz4nj9m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fkichwahits.com%2F&top=kichwahits.com&frm=23&vis=1&psz=320x150&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1960934497.1665051298&ga_sid=1665051299&ga_hid=1229770423&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a86f8ba28dc87ff33f1a141657a373ec7b277c73788254c44f58239273b4fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9376
x-xss-protection: 0
google-lineitem-id: 323970389
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303033641
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kichwahits.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CC5 6 KB
3 KB 76ms
61ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:14:59 GMT
expires: Fri, 06 Oct 2023 10:14:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie
cm.adform.net/ Frame 988A 43 B
106 B 223ms
73ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ Frame 9F2C 4 KB
636 B 242ms
95ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 08:22:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 10:14:59 GMT

GET
H2 200 de17d2874496eb5aa5ae962212bd52f2.js Show response
www.gstatic.com/mysidia/ Frame 8772 10 KB
4 KB 375ms
87ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de17d2874496eb5aa5ae962212bd52f2.js?tag=client_fast_engine_2019

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0658601ec218af17ef062c0a57a3fb492033a478223a053975eeae25f87e275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 08:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4282
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 08:56:05 GMT

GET
H2 200 147c5bcf0d689e37d960cb446d8248a0.js Show response
www.gstatic.com/mysidia/ Frame 8772 150 KB
56 KB 386ms
98ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/147c5bcf0d689e37d960cb446d8248a0.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d96038ac31db42b6d923947d07c9f1d3597fc9cd67afd6fcf307decd5b65a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 03:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57046
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 03:24:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8772 4 KB
816 B 226ms
97ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 08:31:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Oct 2022 10:14:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8772 2 KB
983 B 232ms
109ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 10:10:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 8772 23 KB
10 KB 177ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 10:13:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8772 3 KB
1 KB 232ms
110ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 10:10:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 8772 17 KB
7 KB 185ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 10:02:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8772 0
0 243ms
94ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvqF8Fxi8se6kbuRvseiDaArKBJjiMDKqk-DzWbufqWixGCIKT2DNFzncUJvN7QC57OYeKDdKu_QIyFag8n4Dp5uIFAQ
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8772 142 KB
44 KB 257ms
109ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 10:14:59 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 8772 32 KB
14 KB 357ms
73ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 13:07:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame 9F2C 19 KB
8 KB 189ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 10:07:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9F2C 205 B
294 B 377ms
98ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 08:08:19 GMT
x-content-type-options: nosniff
age: 7600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Oct 2023 08:08:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9F2C 604 B
918 B 373ms
94ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 09:58:23 GMT
x-content-type-options: nosniff
age: 996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Oct 2023 09:58:23 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E3A7 0
239 B 330ms
57ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46B8 0
0 107ms
107ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmxkf0_G2fa83buO5RsNtb8n_yDHnxk2Rdo9rnQzDNAgDbOXQRI6RPo2_XvB44_uhBnc_HHgdCTmfzNURco3IUfgy-k-2TMP-I9raguU3zT_T0wtM-CRe6EKxIGyswA6VSO-LdrsbP5SUpF5RWmXegjmLMtv5rDRuCAIvMbBJGvLpAK6M4Ie_iaQrexPOPwDU5milK2FgU7-Aiksx6LH78RzpA-3Qpsx8x9i8awV2y4BMUxTooQboovWglZrOCnrabo8pLZOQxHZWL_dx0siqzrHoZ4X1z7PsDJ3Wv57LN-owV5TeEMqO9aGPTdz8JMEccX003TrXVV4RUhZ1mqKfl-nN2LKQmnwb6jA&sai=AMfl-YQnr2hyfO1hvFufIU9HzEng4aJHdLek_hwVnwxGG22pC-qnXnl1wdAZhujeQB50SuAjz1Vj4qnmg381NXGakxQ_aFjRo_Amml-QiWc_KXIFTs90o34mc1ijOLEGJJus&sig=Cg0ArKJSzOshGvA0dD2rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 988A 0
209 B 183ms
57ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kichwahits.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 46B8 136 KB
46 KB 208ms
79ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c51dba5b49a56ec08a03a6c4417773f2572e548436d2734e9f487fbd868bf3dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-mnt-h: 8-12
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 06 Oct 2022 10:14:59 GMT
server: Apache
etag: "42a3799440c00d747207902e18138d92"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-20
timing-allow-origin: *
expires: Thu, 06 Oct 2022 10:19:59 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 46B8 35 B
296 B 194ms
54ms Image
image/gif 23.216.77.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=23041593&other_prv=9&jar_err=&current_day=4.0&adtyp=0&req_id=4347995161661325729&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=16.4339&exp=&fdbk_id=&second_bidder=*&search_res=40&floor_bucket=0.00&gpid_format=&seat=&size=320x100&f_seg=&prdp=0.1140&ogcbdp=0.1900&dfpbd=0.1140&server=1&ogerpm_wd_bkt=0-1&model_version=202210052042_generic_appn_2-cid_1&viewability=0.5900&dmm_r=0.7050&cut=40&dmm_l=0.0220&as_cache=0&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=kichwahits.com%2F&bidrestime=1665051298713&cc=DE&strg=harmony&ss=&current_hour=9&time_stamp=2022-10-06+10%3A14%3A58&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.1900&ct=Nuremberg&akey=&mnckfl=0&bdp_bucket=0.20&algo=default&dc=eu_be&splid=23041593&dim4=exploration&dn=kichwahits.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.91+Safari%2F537.36&buyer_id=&dmm_m10=1055349&bdp_wider_bucket=1&acid=28201e64b1164d019f4e90b530bba139&infl=&o_ver=NT+10.0&br_ver=106.0.5249.91&bdmm_m6=1.0000&bdmm_m7=1.1060&bdmm_m5=1.0000&ver=8.14.1&totalTimeBucket=3&visibility=0&totalTime=3631189&dmm_m1=2022-10-06+10%3A14%3A58.715191386&e_rpm=0.1520&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.1060&cid=8CU6M287B&bcrid=352460760&rawbid=0.1900&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-74cbdf8785-dxvh4.BE&dfp_bucket=0.1&adblk=&itype=appnexus&pvid_seat=9&cliIP=1388806656&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=40&gpid=&iwb=1&dmm_d22=0.02&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.19
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:14:59 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 06 Oct 2022 10:14:59 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 46B8 61 KB
62 KB 176ms
54ms Script
application/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Thu, 06 Oct 2022 10:14:59 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=10152
access-control-allow-credentials: true
content-length: 62892
expires: Thu, 06 Oct 2022 13:04:11 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/229/ Frame 46B8 85 KB
29 KB 178ms
55ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/229/trk.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: Thu, 05 Oct 2023 09:41:59 GMT
Date: Thu, 06 Oct 2022 10:14:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 88381
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29365
X-Served-By: cache-lga21932-LGA, cache-hhn4033-HHN
Last-Modified: Wed, 05 Oct 2022 09:41:41 GMT
Server: AkamaiNetStorage
X-Timer: S1665051300.618291,VS0,VE0
ETag: "e4a20054d2e3bd70bee1fab0cc606a4f:1664962901.362129"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 371993

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 46B8 0
814 B 288ms
161ms Image
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fkichwahits.com%252F&e=wqT_3QLMBOhMAgAAAwDWAAUBCKLV-pkGEI3En6j467OpWBgAKjYJyXa-nxovvT8RkX77OnDOuD8ZAAAAYGZm_j8hkQ0SACkRJPTTATEAAACAPQq3PzC5rP4KOP8cQJUJSGBQ2L-IqAFYlumXAWAAaMC0UXj71gWAAQGKAQNVU0SSAQNFVVKYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gIXaHR0cHM6Ly9raWNod2FoaXRzLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDQzNDc5OTUxNjE2NjEzMjU3Mjlfc2JpZBoTNjM2NDM3NzIzMjU4ODY2MTI2MSIJMzUyNDYwNzYwKgVNMTE3M8ADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40M6gEALIEDwgAEAEYwAIgZCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATYv4ioAYgFAZgFAKAFoYPDv4HSy6s8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH-9YF0gcNCQAAABU4jNoHBggAEAAYAOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=05121c472309c4aa2be5c2bca877f12bf661d075

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:14:59 GMT
AN-X-Request-Uuid: cbad83c1-4a7f-42bc-811c-f72224e86ff7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46B8 142 KB
44 KB 138ms
137ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 10:14:59 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8772 0
327 B 581ms
151ms Ping
image/gif 2607:f8b0:4001:c2b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8wwjxan&c=1508429834003&slotId=754214917001.5&qqid=CI3XuLmvy_oCFVO33godB5EFuA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/147c5bcf0d689e37d960cb446d8248a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c2b::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/nU8tqwm306w/ Frame 8772 8 KB
8 KB 243ms
54ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/nU8tqwm306w/hq1.jpg

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa6392a392f37568eaaf44111f54cd134b792acd2bbd8883ef44f2a10b4f248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 09:58:30 GMT
x-content-type-options: nosniff
age: 989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Oct 2022 11:58:30 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5edns7.googlevideo.com/ Frame 8772 3 MB
0 215ms
58ms Media
video/mp4 2a00:1450:4001:68::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5edns7.googlevideo.com/videoplayback?expire=1665080098&ei=oqo-Y8flLJKA8gPC84qQAQ&ip=2a01:4a0:2c::3&id=9d4f2dab09b7d3ac&itag=18&source=youtube&requiressl=yes&mh=cB&mm=31&mn=sn-4g5edns7&ms=au&mv=m&mvi=5&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=102.957&lmt=1662126645703178&mt=1665050946&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANZWVvM01FTL4pEFRj538kgu2sM-bGN-cgcl9b6FZlhgAiAkj-NsZguC-B9ebZApZkEYUSfb2UGMwihfNRFwqEFPuA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgCoLF1q-UYkng-FNUo7Yj_hAQnC9QpU8xX6J8RX3ZMGMCIAo0LaO9stgy3dTzUaY9dAHZnZmjTbtYzolQmfM8oQEQ&cpn=wyN7XJaUx3G45rww

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:68::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 06 Oct 2022 10:14:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Sep 2022 13:50:45 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3695769/3695770
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3695770
Expires: Thu, 06 Oct 2022 10:14:59 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 46B8 76 KB
27 KB 315ms
315ms Script
text/javascript 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=363467585&size=320x100&cc=GB&chnm=HARMONY&pid=8PO15FLE3&tpid=TJT3376&https=1&vif=1&requrl=https%3A%2F%2Fkichwahits.com&kwrf=https%3A%2F%2Fkichwahits.com&nse=5&vi=1665051299769817158&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&itid=16&bcpf=8fOnRrolnfOur8B44zezBqaq&bdrId=9&ntv=0&matchstring=bcat%3De%2C6%2C7%2C8%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p1743312151t202210061014&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=EN

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

2c30e3627487477a7e92677a4740d5831e5104729cd031658b1326f74dac5f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-sc-w: 22-fw0d
pragma: no-cache
date: Thu, 06 Oct 2022 10:15:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-qdvm
timing-allow-origin: *
content-length: 26890
expires: Thu, 06 Oct 2022 10:15:00 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 99BF 15 KB
6 KB 90ms
90ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

714033fa8ac9fbaf5d1a922ec73974d960dad9105a68b5248fe2762874e3cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 5745
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 10:14:59 GMT
expires: Sat, 08 Oct 2022 10:14:59 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 bping.php
lg3.media.net/ Frame 46B8 15 B
15 B 97ms
89ms Image
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=556&&vgd_cdv=809&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=363467585&vi=1665051299769817158&ugd=4&lf=6&kwrf=https%3A%2F%2Fkichwahits.com&cc=GB&sc=EN&lper=100&wsip=2886781337&r=1665051299874&requrl=https%3A%2F%2Fkichwahits.com&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1665051299118690990&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p1743312151t202210061014&vgd_pgids=1&vgd_uspa=0&hvsid=00001665051299871013888066561295&gdpr=1&vgd_l2type=sca&vgd_end=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 06 Oct 2022 10:14:59 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=36831
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1496 21 KB
8 KB 95ms
95ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

265b31a1a57dd9a665892a70e0bf5f77d145aa49973409f0a813296cf014b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7841
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 10:14:59 GMT
expires: Sat, 08 Oct 2022 10:14:59 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 46B8 35 B
199 B 89ms
81ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4825&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=4347995161661325729&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB11-4%23%23IAB11-5%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.190&size=320x100&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=d5053ec1&scrid=352460760&itypeid=16&mx_SPRIG=0&viewability=59&renderer=0&be=0&rtime=7.0&adj0=0.0&tmax=150&s_ip=37.252.171.109&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=4347995161661325729&sc=BY&mowxReqId=28201e64b1164d019f4e90b530bba139_1&ifdp=0&requrl=https%3A%2F%2Fkichwahits.com&bidrestime=1665051298713&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-363467585-41-1&coppa_enf=true&devmodel=Unknown&bdp=0.190&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=kichwahits.com&dt=O&acid=28201e64b1164d019f4e90b530bba139&actltime=11&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.114&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3711&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460760&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=320x100&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1665051898967&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=363467585&ckfl=0&lper=1&mx_tgs=320x100&dummy_vsid=false&cbdp=0.114&csex=0&pvdTmax=110&ltime=11.0&epc=363467585&prvReqId=8323546412589_1940566442_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2033004&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=18&apTags%3C%3E=75&mx_PC=1&wsip=mowx-7b478867f9-kxvvd&currsrc_date=2022-10-05+00%3A00%3A00&mx_divid=23041593&geoll=false&omid=0&debug_ts=2022-10-06+10%3A14%3A58&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=23041593&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.9&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-74cbdf8785-dxvh4.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=23041593&ptype=23&media=0&acsn=1&dtc=eu_be&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.19&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=23041593&opbidflr=0.000&impId=6364377232588661261&rme=adm&bdata=~bx_len%3D1288~seller_tag_id%3D23041593~std%3D23041593~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D50~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.022~dmm_r%3D0.705~e_rpm%3D0.152~dmm_m1%3D0.152~dmm_m2%3D0.019~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.106~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.106~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.054~dmm_m16%3D0.705~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D54.000~dmm_m40%3D54.000~dmm_m43%3D0.623~dmm_m44%3D1.054~dmm_m47%3D42797.000~dmm_m48%3D10485928.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.152~vbr%3D0~bid%3D0.190~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D23041593%7Eviewability%3D0.587874%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.190%7Eitype_id%3D16%7Eseller_tag_id%3D23041593%7EcarrierId%3D0%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~&utime=1172&sf=0&cpr=0.2537893946160843

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: max-age=3600
date: Thu, 06 Oct 2022 10:14:59 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Thu, 06 Oct 2022 16:14:59 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 70A9 21 KB
8 KB 95ms
95ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

265b31a1a57dd9a665892a70e0bf5f77d145aa49973409f0a813296cf014b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7841
content-type: text/html; charset=UTF-8
date: Thu, 06 Oct 2022 10:14:59 GMT
expires: Sat, 08 Oct 2022 10:14:59 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 46B8 0
814 B 57ms
56ms Script
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fkichwahits.com%2F&e=wqT_3QKLBOgLAgAAAwDWAAUBCKLV-pkGEI3En6j467OpWBgAKjYJyXa-nxovvT8RkX77OnDOuD8ZAAAAYGZm_j8hkQ0SACkRJPQ-ATEAAACAPQq3PzC5rP4KOP8cQJUJSGBQ2L-IqAFYlumXAWAAaMC0UXj71gWAAQGKAQNVU0SSAQNFVVKYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gIXaHR0cHM6Ly9raWNod2FoaXRzLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDOoBACyBA8IABABGMACIGQoADAAOAK4BADABADIBADaBAIIAeAEAfAE2L-IqAGIBQGYBQCgBaGDw7-B0surPMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgABMDAA8D_QBq_xAdoGFgoQBREdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpAIAAwADi6BkAAyAf71gXSBw0VdwE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=514f6278ac82aa1428851ee98815dd10ccfb1e05&bdref=https%3A%2F%2Fkichwahits.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fkichwahits.com%2F,https%3A%2F%2Fkichwahits.com%2F,https%3A%2F%2Fkichwahits.com%2F&

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:14:59 GMT
AN-X-Request-Uuid: f20e0e7e-a747-4d0b-a581-6593be2f93d8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46B8 0
0 109ms
109ms Fetch
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAJKNCoP7DZJnVc7msGQRfEfGoIfQadnb74xhmYJLMeiCdQML9SHgnx701LzsTvMmpdt-5UR1WYSpx0xG5S2OROxLBxpkuhKchu9c29eJZqCmJOZHLL8u_slHCQL80qdiVdp2j3QZxq7M8LKQPxQyTDbttDyOd0VygKnEEM14or9ByVPd0n91qo_YgTRHgVfLNkeJH9qy27e1MCBTRIwFmHnxJklUbWlq2l_arftQMan4QkuxTk00jhKeI3yIOAqx4piH1tbYwF-cqKgg45BigsfJxJq0aCFbZhu2P9K3G3gA0NHKDrI5MahrLfZLq5LDxMUhGBIBfjnokjZ8YMYKPwsR1wr6DFS0pI_ow&sai=AMfl-YRFemMb9HSjFTsdvUk3eJGG8Q5DNVi7bZs7ivlTdshUvDJd2aGODhtp4hJWNciZGPLynsHa2pOSyP7A2v5YwqUGXwyyvmzq5p8aWsBPBqCa-XraWOx6721p8XGdclvq&sig=Cg0ArKJSzByOMmgIr-umEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Oct 2022 10:15:00 GMT

GET
DATA 200
OK truncated
/ Frame 46B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565cee77db36db2857084b1aac6c463fa81ac5ad4fbb79a9ab0a768b40d94fef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 46B8 0
835 B 57ms
57ms Ping
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkichwahits.com%2F&e=wqT_3QLMBOhMAgAAAwDWAAUBCKLV-pkGEI3En6j467OpWBgAKjYJyXa-nxovvT8RkX77OnDOuD8ZAAAAYGZm_j8hkQ0SACkRJPTTATEAAACAPQq3PzC5rP4KOP8cQJUJSGBQ2L-IqAFYlumXAWAAaMC0UXj71gWAAQGKAQNVU0SSAQNFVVKYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gIXaHR0cHM6Ly9raWNod2FoaXRzLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDQzNDc5OTUxNjE2NjEzMjU3Mjlfc2JpZBoTNjM2NDM3NzIzMjU4ODY2MTI2MSIJMzUyNDYwNzYwKgVNMTE3M8ADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40M6gEALIEDwgAEAEYwAIgZCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATYv4ioAYgFAZgFAKAFoYPDv4HSy6s8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH-9YF0gcNCQAAABU4jNoHBggAEAAYAOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=05121c472309c4aa2be5c2bca877f12bf661d075&type=nv&nvt=5&jm=1003&px=1440&py=1096&bw=320&bh=100&sid=5424830461866742174&vd=ct~0|rr~0&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23041593&sw=1600&sh=1200&pw=1600&ph=2437&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:15:00 GMT
AN-X-Request-Uuid: d13f9393-a425-49da-838e-db46f4cfe6f2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kichwahits.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D869 36 KB
16 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: 907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
URL: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:20:51 GMT

GET
DATA 200
OK truncated
/ Frame D4C7 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D4C7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame D4C7 24 KB
25 KB 237ms
58ms Font
application/font-woff 23.216.77.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by: Host: kichwahits.com
URL: https://kichwahits.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer: https://kichwahits.com/
Origin: https://kichwahits.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 06 Oct 2022 10:15:00 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-60f0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24816

GET
H2 200 bql.php Show response
lg3.media.net/ Frame D4C7 15 B
159 B 57ms
57ms Script
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5057&&&vgd_l2type=sca&fp=ncjYXI9Z8zXXvqZaSg_CGJeAaIVC-xOSQVi2sZ-NHlKkO6ruAPPc-NLR4x2xdGuoube4QEUMvepXF17PmLolyS6XHbU-C4c3VFte1l1uTwZ8UO56BQkpZXs-3jOlmQ_q55XECnZibFQ%3D&cme=Mfimoe1OzSe1mWT6A5gb51s2qtFu02E7AKE7MK0xk7CLT109DKuL-MelgQnkqLCEg8-oV9dN_UliWb6VsTEBZmR-fvA8LJJELBP7EFoUblx_EBSKGuUGReHQxTiiUlXax4H5a-vE2w6UynRRGz2GgX_8XwdKeOwSkuMKTEVRUyb6Li5aneW8HRxtKwB2js0IlqWo3FCFV0Ytp1CtCS6rRobuoK77JZA_-iQIrr0P0wE%3D%7C%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4UMN5YeLSTEXdAN3yKR5LSRGDgLbxgJqs%3D%7Cxrl5Md8q4-8TxEVvChMrzsCJpXFX93V5uVmuUljRVFo%3D%7C7h8CcyeN4itDNdIcirk7WbHzJwc2wG5JCTsBn1usA_4K5SY8bfqEUcDjfLELD_IfxC2MlxfQLKRIiZQK_cAwFGduob8ZzaJZltm9UnMn9UqsSfKofDew6yWr9n-INcy8NsR_ocBg9WUFx0I31FioDuqAqsrtCycY9QQ0TXkciMgb8P_zlPTWFPEqH8dtLkO0Fy-JL7Z43IAAVPiWcDCO83_kSI72yRxsAl5hmhLk1_BF6vR1QEuleg%3D%3D%7C&v=1&gdpr=1&geo=49.45%7C11.08&dlper=20&lper=100&lpid=&tsid=15046&q=&prv=&type=&ps=&hint=&td=SrcTagSwitchMarketplace%257C%2540%257C&cc=GB&wsip=170785081&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=00_XX&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuOu99&kwd[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwt[]=391&kbc[]=1262271042&kwp[]=1&kid[]=350738834&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.36%7C60%3D1.03%7C10%3D5.53%7C66%3D0.07%7C12%3D0.74%7C63%3D0.23%7C1%3D0.93%7Cps%3D0.409%7C3%3D0.44%7C4%3D1.47&ktd[]=274894815488&ktrkt[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwd[]=Ausgefallene+M%C3%A4nnergeschenke&kwt[]=391&kbc[]=1262271042&kwp[]=2&kid[]=350738829&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.36%7C60%3D1.03%7C10%3D5.53%7C66%3D0.07%7C12%3D0.74%7C63%3D0.23%7C1%3D0.93%7Cps%3D0.409%7C3%3D0.37%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Ausgefallene+M%C3%A4nnergeschenke&cid=8CUL2446F&vi=1665051299769817158&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=809&vgd_l3_sc=EN&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_refdomain=kichwahits.com&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785081&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=nuremberg&vgd_go_pid=8PO15FLE3&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1665051299118690990&sttm=1665051299871&upk=1665051300.12426&hvsid=00001665051299871013888066561295&verid=3111299&vgd_matchstr=bcat%3De%2C6%2C7%2C8%7Ccsh%3D1&sbdrId=99&vgd_ecrid=352460760&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D201011&&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvufWW~QJjjJLM71yM8OvfA9HuXiA~Q7OvfA9HuXiA~875EJvK00I4tPb~e8Q8G8j875v9~N875vIPD4cR4DZ~LJkMNz7v9~LM8EvWf.uii.uA9.9~LMQNvR3~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvf9u9uu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9f~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99u99uu~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvAf9-u99~G-M1yjf1Mjv9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~8w1v9~OYYMjv9.9ff~OYYMLv9.h9X~JMLEYv9.uXf~OYYMYuv9.uXf~OYYMYfv9.9ui~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhvu.u9F~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WHX~OYYMYufvu.u9F~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9XH~OYYMYuFv9.h9X~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivXH.999~OYYMYH9vXH.999~OYYMYHAv9.FfA~OYYMYHHvu.9XH~OYYMYHhvHfhih.999~OYYMYHWvu9HWXifW.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.uXf~eGLv9~G8Ov9.ui9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8OvfA9HuXiA~e8JB1G8j875v9.XWhWhH~NGOEv9.uuH~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.999~myG8Ov9.ui9~875EJM8OvuF~QJjjJLM71yM8OvfA9HuXiA~N1LL8JLVOv9~ONx7vH9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=328&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=320_100&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A320%3Brend_h%3A100%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=EN&vgd_l1rhst=contextual.media.net&hvsid=00001665051299871013888066561295&subBdr=99&bdrid=9&rc=0&rand=1665051300219&acid=28201e64b1164d019f4e90b530bba139&matm=1665051300219&requrl=https%3A%2F%2Fkichwahits.com&vgd_x_pos=640&vgd_y_pos=1096&vgd_ren_page_h=2437&vgd_ltimesrc=1&vgd_ltime=993&vgd_rtime=757&vgd_etm=7&vgd_l1hcsd=A12%7C6663&vgd_l1ch=1&vgd_lhl=3399&vgd_pgid=p1743312151t202210061014&vgd_adprefflag=01&vgd_csip=rtb-common-74cbdf8785-dxvh4.BE&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F147246189%2C22639133039%2Fkichwahits.com_320x100_mobile_sticky_0__container__%7CDIV-div-custom-ad-1665051298092-0&vgd_crefurl=https%3A%2F%2Fkichwahits.com%2F&vgd_eadm=1&vgd_end=2

Requested by

Host: kichwahits.com
URL: https://kichwahits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 06 Oct 2022 10:15:00 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=40055
content-length: 15

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 988A 14 KB
11 KB 252ms
106ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

527eb278869b4681d3166aa35204c054533a65df65d42b9f27e50f0c821f17cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11086
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 231ms
110ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac8d8d0de3c1ec2f5fbb1b1d48f2cc22c9f64fcb548bd77ac5f486a6a42f3022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11179
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2501ms
2389ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 10:15:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 988A 17 KB
6 KB 2487ms
2389ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Oct 2022 10:15:03 GMT

GET
H2 200 log
hblg.media.net/ Frame 46B8 35 B
200 B 54ms
54ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=4347995161661325729&s_city=frankfurt+am+main&ugd=4&bcat%3C%3E=IAB11-4%23%23IAB11-5%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8%23%23IAB1-8&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.190&size=320x100&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=d5053ec1&scrid=352460760&itypeid=16&mx_SPRIG=0&viewability=59&renderer=0&be=0&rtime=7.0&adj0=0.0&tmax=150&s_ip=37.252.171.109&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=4347995161661325729&sc=BY&mowxReqId=28201e64b1164d019f4e90b530bba139_1&ifdp=0&requrl=https%3A%2F%2Fkichwahits.com&bidrestime=1665051298713&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-363467585-41-1&coppa_enf=true&devmodel=Unknown&bdp=0.190&ct=Nuremberg&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=kichwahits.com&dt=O&acid=28201e64b1164d019f4e90b530bba139&actltime=11&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.114&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3711&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460760&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=320x100&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1665051898967&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=363467585&ckfl=0&lper=1&mx_tgs=320x100&dummy_vsid=false&cbdp=0.114&csex=0&pvdTmax=110&ltime=11.0&epc=363467585&prvReqId=8323546412589_1940566442_856004011191&zip=90403&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-2033004&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=18&apTags%3C%3E=75&mx_PC=1&wsip=mowx-7b478867f9-kxvvd&currsrc_date=2022-10-05+00%3A00%3A00&mx_divid=23041593&geoll=false&omid=0&debug_ts=2022-10-06+10%3A14%3A58&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=23041593&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.9&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-74cbdf8785-dxvh4.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=23041593&ptype=23&media=0&acsn=1&dtc=eu_be&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.19&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=23041593&opbidflr=0.000&impId=6364377232588661261&rme=adm&bdata=~bx_len%3D1288~seller_tag_id%3D23041593~std%3D23041593~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D50~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.022~dmm_r%3D0.705~e_rpm%3D0.152~dmm_m1%3D0.152~dmm_m2%3D0.019~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.106~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.106~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.054~dmm_m16%3D0.705~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D54.000~dmm_m40%3D54.000~dmm_m43%3D0.623~dmm_m44%3D1.054~dmm_m47%3D42797.000~dmm_m48%3D10485928.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.152~vbr%3D0~bid%3D0.190~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D23041593%7Eviewability%3D0.587874%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.190%7Eitype_id%3D16%7Eseller_tag_id%3D23041593%7EcarrierId%3D0%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~&utime=1172&sf=0&cpr=0.2537893946160843&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:00 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 06 Oct 2022 10:15:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46B8 42 B
64 B 105ms
104ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsths3sC58Mw19FOR5ttJ-TTOw8yxX_eBbdX9E6zr68bGT0VdyE0rhWr49vcs4IwfucqIhjRH4EEmXTdnkbHz232wipFwC6KXpb64pFMeDeObAeAQhjR&sig=Cg0ArKJSzM6jr3wvlYBtEAE&id=lidar2&mcvt=1000&p=1096,640,1196,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2676038133&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665051299460&rpt=509&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 46B8 0
835 B 57ms
57ms Ping
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkichwahits.com%2F&e=wqT_3QLMBOhMAgAAAwDWAAUBCKLV-pkGEI3En6j467OpWBgAKjYJyXa-nxovvT8RkX77OnDOuD8ZAAAAYGZm_j8hkQ0SACkRJPTTATEAAACAPQq3PzC5rP4KOP8cQJUJSGBQ2L-IqAFYlumXAWAAaMC0UXj71gWAAQGKAQNVU0SSAQNFVVKYAcACoAFkqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gIXaHR0cHM6Ly9raWNod2FoaXRzLmNvbS-AAwCIAwGQAwCYAxegAwGqA0ESGDQzNDc5OTUxNjE2NjEzMjU3Mjlfc2JpZBoTNjM2NDM3NzIzMjU4ODY2MTI2MSIJMzUyNDYwNzYwKgVNMTE3M8ADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40M6gEALIEDwgAEAEYwAIgZCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATYv4ioAYgFAZgFAKAFoYPDv4HSy6s8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH-9YF0gcNCQAAABU4jNoHBggAEAAYAOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=05121c472309c4aa2be5c2bca877f12bf661d075&type=pv&jm=1003&px=1440&py=1096&bw=320&bh=100&sf=1&sid=5424830461866742174&vd=ct~0|rr~5&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23041593&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:15:01 GMT
AN-X-Request-Uuid: b589e664-abf4-4df5-a844-c947ef2f7420
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kichwahits.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 46B8 15 B
15 B 67ms
60ms Image
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3471&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=Mfimoe1OzSe1mWT6A5gb51s2qtFu02E7AKE7MK0xk7CLT109DKuL-MelgQnkqLCEg8-oV9dN_UliWb6VsTEBZmR-fvA8LJJELBP7EFoUblx_EBSKGuUGReHQxTiiUlXax4H5a-vE2w6UynRRGz2GgX_8XwdKeOwSkuMKTEVRUyb6Li5aneW8HRxtKwB2js0IlqWo3FCFV0Ytp1CtCS6rRobuoK77JZA_-iQIrr0P0wE=||u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|a0AmFUYXmD4UMN5YeLSTEXdAN3yKR5LSRGDgLbxgJqs=|xrl5Md8q4-8TxEVvChMrzsCJpXFX93V5uVmuUljRVFo=|7h8CcyeN4itDNdIcirk7WbHzJwc2wG5JCTsBn1usA_4K5SY8bfqEUcDjfLELD_IfxC2MlxfQLKRIiZQK_cAwFGduob8ZzaJZltm9UnMn9UqsSfKofDew6yWr9n-INcy8NsR_ocBg9WUFx0I31FioDuqAqsrtCycY9QQ0TXkciMgb8P_zlPTWFPEqH8dtLkO0Fy-JL7Z43IAAVPiWcDCO83_kSI72yRxsAl5hmhLk1_BF6vR1QEuleg==|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=363467585&requrl=https%3A%2F%2Fkichwahits.com&vi=1665051299769817158&ugd=4&cc=GB&sc=EN&bdrid=9&subBdr=99&vgd_kwrf=https%3A%2F%2Fkichwahits.com&startTime=1665051299861&vgd_l1rakh=1665051299118690990&l1ch=1&cref=https%3A%2F%2Fkichwahits.com%2F&sttm=1665051299871&upk=1665051300.12426&hvsid=00001665051299871013888066561295&acid=28201e64b1164d019f4e90b530bba139&verid=3111299&vgd_bdata=~bx_len%3D1288~seller_tag_id%3D23041593~std%3D23041593~itype%3DAPPNEXUS~visibility%3D0~city%3DNUREMBERG~ref_cnt%3D0~r_ip%3D82.199.130.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D50~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D320x100~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.022~dmm_r%3D0.705~e_rpm%3D0.152~dmm_m1%3D0.152~dmm_m2%3D0.019~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.106~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.845~dmm_m12%3D1.106~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.054~dmm_m16%3D0.705~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D54.000~dmm_m40%3D54.000~dmm_m43%3D0.623~dmm_m44%3D1.054~dmm_m47%3D42797.000~dmm_m48%3D10485928.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.152~vbr%3D0~bid%3D0.190~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D23041593%7Eviewability%3D0.587874%7Ecbdp%3D0.114%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.190%7Eitype_id%3D16%7Eseller_tag_id%3D23041593%7EcarrierId%3D0%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~&matchstring=bcat%3De%2C6%2C7%2C8%7Ccsh%3D1&vgd_matchstr=bcat%3De%2C6%2C7%2C8%7Ccsh%3D1&vgd_sc=EN&infr=1&stime=1665051299470&vgd_ecrid=352460760&l1hcsd=l1!A12|6663&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1743312151t202210061014&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Thu, 06 Oct 2022 10:15:01 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=39871
content-length: 15

POST
H3 204 csi
csi.gstatic.com/ Frame 8772 0
17 B 463ms
151ms Ping
image/gif 2607:f8b0:4001:c2b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l8wwjxat&c=1508429834003&slotId=754214917001.5&qqid=CI3XuLmvy_oCFVO33godB5EFuA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/147c5bcf0d689e37d960cb446d8248a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c2b::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 988A 88 KB
29 KB 334ms
77ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:15:01 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 88CF 52 KB
17 KB 281ms
55ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 16228
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 06 Oct 2022 10:15:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 7, 308060
X-Served-By: cache-lga13626-LGA, cache-hhn4046-HHN
X-Timer: S1665051302.168179,VS0,VE0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B4E7 15 KB
6 KB 64ms
63ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kichwahits.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:15:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 687301
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 988A 88 KB
29 KB 247ms
123ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kichwahits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:15:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B4E7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kichwahits.com&sn=ChromeSyncframe&so=3&topUrl=kichwahits.com&bundle=zxTYfF9ONnJKJTJGUHVHdFl0V1JDeVI3OFQlMkJnJTJGcVdaa04lMkZJZFpMbjQ3Q0Y2bX...
https://mug.criteo.com/sid?cpp=vIUcanxFYTg5bTUrR1FrMlpwVUpqOWQxVEREZnBPRDJYSkxnUVhSM3pwVXBYdHNzeWlHMk12TGFuQkU2QzlaREljbU1zTTBLb1NkVXlGNGozaThyeUI4NHRhNkJnU1JFek92MlZTMlNqTDBtUXFyY0dNSVIxbExLNnc0NU...

431 B
653 B

68ms
68ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vIUcanxFYTg5bTUrR1FrMlpwVUpqOWQxVEREZnBPRDJYSkxnUVhSM3pwVXBYdHNzeWlHMk12TGFuQkU2QzlaREljbU1zTTBLb1NkVXlGNGozaThyeUI4NHRhNkJnU1JFek92MlZTMlNqTDBtUXFyY0dNSVIxbExLNnc0NUhaVldLZFNCUUdrZ2JpbTVBUFZXRlVadTNiRUZYTHF6Y254ZkFYdWpVeW1uSCtrL2o1aHBQMTBvWVlMVXhQQzRpdHA4c0liR1laNUtpcTFnaGgyQTh4bDQ4VE95eWtDQ0I5aERjMFJBTXVhZDRBUVdkMHJDQ2xZS2t5a1F5ZnEvM01INGFNZzhRTWFTY2IwQXNISmlXWmNUZkx1Snh6eG81Wk5TTjk3bjYvOWJIVUdaZWF5cz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f62111a3be7f54398675c7786c98d5eeb3b5f1e94d91a342c0294ffb189acfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4766545
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Oct 2022 10:15:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=vIUcanxFYTg5bTUrR1FrMlpwVUpqOWQxVEREZnBPRDJYSkxnUVhSM3pwVXBYdHNzeWlHMk12TGFuQkU2QzlaREljbU1zTTBLb1NkVXlGNGozaThyeUI4NHRhNkJnU1JFek92MlZTMlNqTDBtUXFyY0dNSVIxbExLNnc0NUhaVldLZFNCUUdrZ2JpbTVBUFZXRlVadTNiRUZYTHF6Y254ZkFYdWpVeW1uSCtrL2o1aHBQMTBvWVlMVXhQQzRpdHA4c0liR1laNUtpcTFnaGgyQTh4bDQ4VE95eWtDQ0I5aERjMFJBTXVhZDRBUVdkMHJDQ2xZS2t5a1F5ZnEvM01INGFNZzhRTWFTY2IwQXNISmlXWmNUZkx1Snh6eG81Wk5TTjk3bjYvOWJIVUdaZWF5cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 649230
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 88CF 0
742 B 76ms
76ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:15:02 GMT
AN-X-Request-Uuid: 8f4d2063-9099-4bba-8e52-cda9583c6059
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 88CF 0
742 B 67ms
67ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Oct 2022 10:15:03 GMT
AN-X-Request-Uuid: f51b5e1a-44c6-46e1-af02-17d8f27acadc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B03A 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:54:02 GMT
expires: Fri, 06 Oct 2023 09:54:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6533 0
0 98ms
98ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-usLRCXA72rIPpZDL6uf0yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-usLRCXA72rIPpZDL6uf0yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:15:03 GMT
expires: Thu, 06 Oct 2022 10:15:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B680 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:54:02 GMT
expires: Fri, 06 Oct 2023 09:54:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7206 0
0 96ms
96ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xa-HBpA6Kp19N_LeYv3mLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kichwahits.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Xa-HBpA6Kp19N_LeYv3mLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 10:15:03 GMT
expires: Thu, 06 Oct 2022 10:15:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame B03A 0
0

GET FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame B680 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kichwahits.com/	1970-01-20 16:06:51	Name: _ga_97CF6J75T1 Value: GS1.1.1665051297.1.0.1665051297.0.0.0
.kichwahits.com/	1970-01-20 16:06:51	Name: _ga Value: GA1.2.1960934497.1665051298
.kichwahits.com/	1970-01-20 06:32:17	Name: _gid Value: GA1.2.1310635677.1665051298
.kichwahits.com/	1970-01-20 06:30:51	Name: _gat_gtag_UA_166828061_1 Value: 1
kichwahits.com/	1970-01-20 07:14:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kichwahits.com/	1970-01-20 15:16:27	Name: _pubcid Value: 3b652391-a481-4b3c-b39a-1d8d799a1d9f
.adnxs.com/	1970-01-20 08:40:27	Name: icu Value: ChgI7Ip8EAoYASABKAEwotX6mQY4AUABSAEQotX6mQYYAA..
.adnxs.com/	1970-01-20 08:40:27	Name: uuid2 Value: 410857496921411902
kichwahits.com/	1970-01-20 15:52:27	Name: cto_bidid Value: iT9EuV8zM1VNSyUyRlBNa3lsWXBJbDYwNENCQTRIMEFlVDBHSnJlcDRXcEhST3hhVVUzJTJCJTJCMnJzR3JzcXZVV09hMmJ6TzFaTm1JMGgwMHdsJTJCZiUyQkx5ODh5V25EaXclM0QlM0Q
kichwahits.com/	1970-01-20 15:52:27	Name: cto_bundle Value: zxTYfF9ONnJKJTJGUHVHdFl0V1JDeVI3OFQlMkJnJTJGcVdaa04lMkZJZFpMbjQ3Q0Y2bXFzR09CMUNCSUxXb1RDbmUlMkZ3OFl2WUxCWmZHaTRQQXJ3bmQ0ZktKdXc4cTVqaHFFRE1zdEFYSFRDeDd6NWxoWU5TTXB2aXZUJTJCS3dmTTE0SFFzdXpaJTJGdWV3
.doubleclick.net/	1970-01-20 15:52:27	Name: IDE Value: AHWqTUnIz2qZ1bmkPJgWrpP9k1vzGOu55FaGdgrsK0pfGPxNWY92bpMpkjuOV4snXBg
.kichwahits.com/	1970-01-20 15:52:27	Name: __gads Value: ID=673df354cd7c7309:T=1665051298:S=ALNI_Mb9wC6kq241pCewsEaUG3MwXFpGLg
.criteo.com/	1970-01-20 15:52:27	Name: uid Value: e69ed4bd-27db-4e4b-a0d5-a93318556041
.kichwahits.com/	1970-01-20 15:52:27	Name: cto_bundle Value: C103Vl9ONnJKJTJGUHVHdFl0V1JDeVI3OFQlMkJneUp3OTI4WTVCUnlwS3FnWHI1dEpRY2dsbW1kVDdveGtCbk5UNHBqSnAwclMyMlEzciUyRllDTXYxZlJlWjMlMkY5TlNFZTkxZEJHRXNKSUwwVmZMR2NDQUZrTHpVelBabTZKa1k4SHQ1NkxYcWt5S0RFUUl3N29NZHF4Q2xNZkw0alRrdyUzRCUzRA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=410857496921411902 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

907e4aadcb87b6a8bc5807e7119b48f4.safeframe.googlesyndication.com
acdn.adnxs.com
ad.a-ads.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c0.wp.com
cdn.adnxs.com
cdn.ampproject.org
cm.adform.net
contextual.media.net
csi.gstatic.com
eus.rubiconproject.com
fbd64f009a7070897b622a02c2f4a9e2.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
googleads.g.doubleclick.net
gum.criteo.com
hblg.media.net
i0.wp.com
i1.ytimg.com
ib.adnxs.com
id5-sync.com
kichwahits.com
lg3.media.net
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.wp.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
qsearch-a.akamaihd.net
region1.google-analytics.com
res-a.akamaihd.net
rr5---sn-4g5edns7.googlevideo.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
seebait.com
static.a-ads.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
stpd.cloud
token.rubiconproject.com
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
141.95.98.65
151.101.129.108
151.101.65.108
159.89.25.223
178.250.0.157
178.250.2.131
184.30.20.22
185.184.8.90
192.0.76.3
192.0.77.2
192.0.77.37
2001:4860:4802:34::178
2001:4860:4802:34::36
23.205.235.133
23.216.77.25
23.216.77.36
23.35.228.23
2606:4700:20::681a:8a9
2606:4700:20::ac43:44a2
2606:4700::6812:1f31
2607:f8b0:4001:c2b::78
2a00:1450:4001:68::a
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2001
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9b
2a02:2638::1c
2a02:2638::3
2a07:7800::183
34.212.54.194
37.157.4.23
37.157.4.25
37.252.171.149
37.252.173.38
69.173.144.139
69.173.144.165
78.46.33.196
96.16.141.156
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b33a310ce7b234b8c03c8fb4246f06cc3814297a9fd366065bd4e19f15ebd2
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0d96038ac31db42b6d923947d07c9f1d3597fc9cd67afd6fcf307decd5b65a5e
0e23d3522fac3c8a96597dd3fa0e247c90ae6d4edd086324f60e6461d6f22d82
110af8da341940fa6e86d4033d4cad1dfb1877faff91108bd7191ed683623b56
11c3c038b5a1c099cc28bd4daacac1dc9e97e2dac3279ef1007b429c595f8326
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
17d11d49ce496e8eaa2167d6a7ac368975a09ff6dabf13aa8ded46aaa57fb20a
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
265b31a1a57dd9a665892a70e0bf5f77d145aa49973409f0a813296cf014b0b5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c30e3627487477a7e92677a4740d5831e5104729cd031658b1326f74dac5f72
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3066e720053d64bfcf38d64e28fe1a5436e4309efa9afeaf88709035f954aefe
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4310187ac42700417f9d7f5cd7fe49d41412cb478bb1cc07d5c2845501ce1528
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca
527eb278869b4681d3166aa35204c054533a65df65d42b9f27e50f0c821f17cc
5343a51ce3c85e28ee47b28b3be5820d1e5617adbf33bb1fb30ac04f4e0f44bd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565cee77db36db2857084b1aac6c463fa81ac5ad4fbb79a9ab0a768b40d94fef
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
596b4aabca01ac591c9a7d2b2d8c4893d5ebb36609405574c66c56a32e816ead
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5db0ce0488729c2747c705f170759f62f24161a5edd8cb15f5b024c745037af4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627aa807c03120678cf176e47c14684c71b6e7455612cbf82a7188ca7205948b
65c304ddadef0e121b2fb751e08f7108e8128a01bfd40ab106f8370e75fac44c
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6e4c8d09e90b71e0cac3498a7d5667b20642f2639e81584563cc8dbe2556d812
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6fa6392a392f37568eaaf44111f54cd134b792acd2bbd8883ef44f2a10b4f248
714033fa8ac9fbaf5d1a922ec73974d960dad9105a68b5248fe2762874e3cf2f
782d5f3a6762a6193acd44d89fb3b45f4ec3728c418f49123facaf2795f5e8c5
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
7a86f8ba28dc87ff33f1a141657a373ec7b277c73788254c44f58239273b4fde
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444
81bd8e4d1b71512b29e577070d750d7c576a87d9fb044da773e9c8572698c552
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8535cb4ba0762c98ceca3ddf1a2143d87640fa8ac986760603b987ce140ca7cf
85b78eb9a8f7934543014d1ecce59b347ac8f018865d16eef5e117e2af291632
8849fb0792161c13cac157ab2c2d86171f9d83c0fd9702eba3dc87c54292ead4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9b57e4fc6908a178f5dbf7010660fadd920aa0e097d81d778d38371e98d4544d
9fbfbf0ef73cea7306ed56d6d5407c2624c87f25c16f269c2c77c511d256b1a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d56f9358098424c02927eb86bf8b24a3ef30cbbd3bd7abcc46b9772469eff9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a817c49ca3d3dbdaa12b1480d74427629f192f335b52d55833e92d63ecb9a7e9
a8314e357a40693948a0bc20c7403b5f7a2dff61e880171fc9f4e81c9bd069af
a93ec9d032873d9bbdf0816f365e7489b0ad71f4dc4a3b03999f0233e411a590
ac8d8d0de3c1ec2f5fbb1b1d48f2cc22c9f64fcb548bd77ac5f486a6a42f3022
add45fdd8fbc8afe60d4a7c399a00990bdd1439f5a9b5002413bcc98acf6251d
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b07871f016581e9d6d67632bc54ced898fa19754c3a1f3ebb46360f77bcb4545
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24557f61bcba5932dd1faa2b2474940b810969cbcb51548309dc3f194b63640
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8699f6252d0f9c04a5a4a6df0a16df02fcf635b0ebe61fa573d8daf53cfed14
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb23ca48964bdd054c7dfaaab6e417c5d1aa77c2665406bbb4354a9cd94edf56
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be038188cb8dce26d14376e53ec0ec8b14e14cc7bc4e6e37e2801df145f81280
beeefb3d8f734852db26323e9e0716529366f4421236c3b357076488155e6cdc
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c51dba5b49a56ec08a03a6c4417773f2572e548436d2734e9f487fbd868bf3dd
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d77e2a39cd4508a3bbd54ec697baeea0e168bbf42ddcf0fb341b7df42bc37a46
d95695a8870551e408a0bf064e619baaf4e5c962477ee91fcfa9b7175f038124
d96184760f3ef2005e1d579d6ef415ce137852f99847810017a50171bda5941b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1b797d8e38aa00ee3ced13e03fb5febe94be0f9ddb7da6f585d69944915463f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa51d93e1bdcd773bb670be3adbef42cedc2356189713e764c4210b60fe55d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea36e9104604853976b38e5a3af59c3ef656fd3a83a6ad63fb4c8ec498eee18e
ed41a0ec0e4c3cfca725790410e69259d1d30c07fb91c789f1485fb87d0f4eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0658601ec218af17ef062c0a57a3fb492033a478223a053975eeae25f87e275
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f62111a3be7f54398675c7786c98d5eeb3b5f1e94d91a342c0294ffb189acfb7
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

kichwahits.com Open in urlscan Pro 2a07:7800::183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

97 %HTTPS

54 %IPv6

30 Domains

58 Subdomains

53 IPs

7 Countries

2178 kBTransfer

8880 kBSize

14 Cookies

6 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kichwahits.com Open in urlscan Pro
2a07:7800::183 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

97 %
HTTPS

54 %
IPv6

30
Domains

58
Subdomains

53
IPs

7
Countries

2178 kB
Transfer

8880 kB
Size

14
Cookies

150 HTTP transactions
6 data transactions