kansk.org Open in urlscan Pro
2606:4700:3030::6815:179d  Public Scan

52 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9550.F1nFVb164buWBy2xS9HmN37ZXsteVnUdIre6c_7Qad7S7L9Htzb-3XWUH16Ov02A.hiHxBupVhgcBY3mN1fwXnjEnWrk%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9550.upbRREFhm8MkhSWxZS6jxe4M8voR3lDzrhd0hB6bGRV8mvBzq0P0GGSmqXOiIw_wyLbWSfYYY8I81NJc1vmskg%2C%2C.IMv7kGaRpg140lmZQRafo9T3ojM%2C

Request Chain 51

• https://mc.yandex.com/watch/83180614?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A123926506701%3Ahid%3A497618021%3Az%3A0%3Ai%3A20220215195141%3Aet%3A1644954701%3Ac%3A1%3Arn%3A743177962%3Arqn%3A1%3Au%3A1644954701645978415%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644954699790%3Ads%3A14%2C208%2C352%2C99%2C0%2C0%2C%2C3%2C0%2C1243%2C1243%2C1%2C714%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644954702%3At%3A%D0%97%D0%BD%D0%B0%D0%B5%D0%BC%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%202022&t=gdpr(14)aw(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/83180614/1?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A123926506701%3Ahid%3A497618021%3Az%3A0%3Ai%3A20220215195141%3Aet%3A1644954701%3Ac%3A1%3Arn%3A743177962%3Arqn%3A1%3Au%3A1644954701645978415%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644954699790%3Ads%3A14%2C208%2C352%2C99%2C0%2C0%2C%2C3%2C0%2C1243%2C1243%2C1%2C714%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644954702%3At%3A%D0%97%D0%BD%D0%B0%D0%B5%D0%BC%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%202022&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 99

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkansk.org%2F&domain=kansk.org&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=nDhmWXxkeW0wQXZ4MW9Hei9VWE51NGNmQmZxd0llbTZweGFnR2hxcGFiNUVORW8zaVJLV0dqNEUzTGM4Vmh2WHBWSU9WeUhLVzFFZG1ycHppZHVGVlhXOStMZnp6VndSRURiUzZkYUwzS2FzV3FQM2JqWG80L05MaVY4RUJ0WTVoWCs2YmxmbDlIUDNmTnViK3dGaFZvT0tlcnROSFBKd0RzdkNkQnZ5T3BxdmZnMGtoYUdtdzNpb3VycUNYc0E2T2JKZzVXQm1zUlR4K3hodDN6TVczeTdXTVlIajdHUTVqMVJtUU5pRmVEWUR0d0VzPXw&cppv=2

Request Chain 107

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4774028-8e98-11ec-8672-0a36a5c932cb HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4774028-8e98-11ec-8672-0a36a5c932cb

Request Chain 109

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8872113371434408875

Request Chain 110

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed2cf264-a100-4521-893d-12b7ba248602

Request Chain 111

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8872113371434408875

Request Chain 112

• https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://sync.quantumdex.io/setuid?bidder=between&uid=e593de4f-f7ab-532e-bee9-339fdce537ce

Request Chain 113

• https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=e071d189-8ad3-f9b9-c822-3a71b8ffdec2

Request Chain 115

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-F8Rb6oBE2uGvbrBzV1.V8pg8n7WKx3M9iVlo2is-~A

Request Chain 118

• https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 124

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgwEUbX-IEsAWzZza390mAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFfOWdlXOWYjnHpvV1IFW8U&google_cver=1&gdpr=1

Request Chain 126

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB&dcc=t

Request Chain 128

• https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 129

• https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FZyKkhOaj8AOl4mTG52XwhWXj5QOyNvEQspYu9tg

Request Chain 130

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=1&gdpr_consent=

Request Chain 131

• https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4161660752806682793

Request Chain 135

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=0&gdpr_consent=

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v0jHvCouQ3eliaOpexdySg%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 139

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38a9620c-0451-4d00-a1c2-793036bb7910

Request Chain 140

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkY0OEM3QkMtMkEyRS00Mzc3LUE1ODktQTNBOTdCMTc3MjRB&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 141

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJvzjeUaMwjIQhj3_PQv4d8&google_cver=1

Request Chain 143

• https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4161660752806682793&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 144

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=14196d5d-3a46-4fbe-b9a4-5c9c9b20be55

Request Chain 146

• https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF48C7BC-2A2E-4377-A589-A3A97B17724A&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-S57PYAdE2uV59kboZlcW6LVSzco7WCc-~A&gdpr=0&gdpr_consent=

Request Chain 147

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8872113371434408875&gdpr=0&gdpr_consent=

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kansk.org/	30 KB 7 KB	574ms 352ms	Document text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.15 Resource Hash 706a7383da0d500b8f0e35fcbb90a475749b3269cbebc2df9dbc2896c1c7901f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 15 Feb 2022 19:51:40 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/8.0.15 cache-control max-age=86400 expires Wed, 16 Feb 2022 19:51:40 GMT access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FtFYvfxU5l8XFDNM7Zx02gga06p8QhHg%2F8EF3K9vAOZF0azskDRuftYxvZvI7xwTIK0zCs%2F0z8LtyHfK6umi0zm3L642WuNfcU11pIqEa4Bfz1Df5I9olI8KrdiRD9nu9R64d09Mjw%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6de1127b7b881977-EWR content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.css kansk.org/template/genial/css/	88 KB 47 KB	127ms 127ms	Stylesheet text/css	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kansk.org/template/genial/css/style.css Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 406f15d273e0b8476f5ebb902b158302ba57784ceaa41be9e47cb5ce04f0fe5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 131485 cf-polished origSize=92030 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 03 Feb 2022 13:50:51 GMT server cloudflare etag W/"1677e-5d71d6c221770" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQghc4%2B8ESNuSfWy8%2FnvOpE1Xnn54mxvu5QTWnX452vGuXjR9irDzYQHdwIVK1XNIWEJvMcf5L%2BsdMJlTcC5rmPDG2G3T6vVrYOouJkQDGzh6%2F7wISwrRrRrwjdpAwDnCU%2F4NsGsjlU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * expires Mon, 28 Feb 2022 07:20:15 GMT cache-control max-age=2678400 cf-ray 6de1127dc8ba1977-EWR cf-bgj minify
GET H2	200	cookieconsent.min.css cdn.jsdelivr.net/npm/cookieconsent@3/build/	5 KB 2 KB	87ms 52ms	Stylesheet text/css	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 39305 x-jsd-version 3.1.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19126-FRA, cache-mxp6980-MXP timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6de1127dbfa90f62-MXP
GET H2	404	is-my-poop-normal-1.webp a.kansk.org/healths/	0 0	368ms 344ms	Image text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/healths/is-my-poop-normal-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	404	balanitis.webp a.kansk.org/healths/	0 0	358ms 334ms	Image text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/healths/balanitis.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	404	degenerative-meniscal-tear.webp a.kansk.org/healths/	0 0	362ms 338ms	Image text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/healths/degenerative-meniscal-tear.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	404	fibroids.webp a.kansk.org/healths/	0 0	360ms 336ms	Image text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/healths/fibroids.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	200	all-about-baby-vision-development-1.webp a.kansk.org/health/	24 KB 25 KB	456ms 432ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/all-about-baby-vision-development-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37749524139d0607855fd27e46d82909641e479b9c0853b85a85da25a0b7faa1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24638 last-modified Mon, 26 Jul 2021 00:04:14 GMT server cloudflare etag "603e-5c7fb7e587b80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1N2LV6dySxlsC34obiIB8cR%2Fur5LlWMK%2BIAJvTqyjfGi0LIjMbOy%2Fz1%2BEDyZMpjJZy0liasyGJE7ZB2AmfgJmw55mt7f%2FcQlwqiwHV92bpkjT%2B82zO3qNTIzEKv0FfoK2V7cis9R0zuDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127de9251977-EWR
GET H2	200	top-16-ways-to-get-rid-of-nausea.webp a.kansk.org/health/	29 KB 29 KB	440ms 416ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/top-16-ways-to-get-rid-of-nausea.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8f14eec0010ad282444c05ce5a22db48b17b05e156841f90da915a97b02453c Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 29262 last-modified Sun, 25 Jul 2021 23:43:28 GMT server cloudflare etag "724e-5c7fb34140800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpvceXiaLE7CTi74qZnjFGQ6wRQzaPBFX3Bt9wqFdCMdxU0KmY%2BT8wMhNL2KKY7xJjofYe%2Bun8UNkK1GhYsXCKpTjjZp1e%2BM9Vdh0%2F5kvSAsc9%2FMIM1Gm0WWy3HeXTTKy15fUsgfktHs1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127de92c1977-EWR
GET H3	200	understanding-medicare-managed-care.webp a.kansk.org/health/	38 KB 38 KB	114ms 111ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/understanding-medicare-managed-care.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40958b3ab31c887f4e7a7054755fad30cda4996e428021324edc196811b06ba6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 38432 last-modified Sun, 25 Jul 2021 23:42:44 GMT server cloudflare etag "9620-5c7fb3174a500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Av2%2BBtC8qHG8NLNG1fvkrqgy4AzHI%2BXXDTFEkD6yIWHblJ91rBWpawr0urY9szT1RyWfuI%2Fc9uVb%2B1fTtH9w8Vf1RiD39oV7E3CMSnzxGr8hSQAbeqNBeUUbKepF7XtqgxyFWUkq1%2B6Ipw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde200119-AMS
GET H3	200	is-it-possible-to-unclog-your-arteries.webp a.kansk.org/health/	32 KB 33 KB	116ms 114ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/is-it-possible-to-unclog-your-arteries.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92044278e0df0eccd1254296565af5bd4c6a21dd2b1b89ebf96468dd2d581eae Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33122 last-modified Sun, 25 Jul 2021 23:52:40 GMT server cloudflare etag "8162-5c7fb54fae200" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVX8xYNnBp0%2BMgIDeXvNswZdT2z2jZYuvYXaPz84ryGnNThBbBRWW3ekPDySFME7CsezS%2FN7Vbus5%2B87asJPi1%2FzMxNRWwzR3boc5iabaDKdZLNQHmWhgeAFKWKDqP6mtETSNzxDa0aPXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde230119-AMS
GET H3	200	things-you-can-try-at-home-to-eliminate-bad-breath.webp a.kansk.org/health/	32 KB 33 KB	183ms 181ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/things-you-can-try-at-home-to-eliminate-bad-breath.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 028ab5a2891e26e4017bbd9a559e2281767f3f463359a3285e959301a5540581 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 32878 last-modified Sun, 25 Jul 2021 23:43:54 GMT server cloudflare etag "806e-5c7fb35a0c280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lMhZ8ZqhmiSE4tF2oyBLIw%2BRk1wI%2BGfrbOvjhxrU%2Fz%2FSLSH3XepcrDANifmAuQ8jiEPnEXn3WBLH7IIq2RfW8VV%2BhrM%2BdrtOxf9VFgTBbTjUegiMaLlzJQNa6OA7YtYFVL7st7NPrEriw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde260119-AMS
GET H3	200	can-you-use-epsom-salts-if-you-have-diabetes.webp a.kansk.org/health/	22 KB 23 KB	189ms 187ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/can-you-use-epsom-salts-if-you-have-diabetes.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93cf7edd02a1449a11e0d3c16c9ba7ef062cee1c28b426db210ccbc905a60057 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22522 last-modified Mon, 26 Jul 2021 00:01:20 GMT server cloudflare etag "57fa-5c7fb73f97400" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNSqnHxkb4xj%2F8SS3rmKDLDDBIP5z7JOe0BsGXc8Vwd544boPIt%2BVjae5c0RGJBsUuy1ztHqk%2BSo9GqmbgfhKWP4qwbhLHPVsEgUr4ee8pQDZDz%2FIhYLxfLWvyNYvhkz3MzzkplUGXKaDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde270119-AMS
GET H3	200	what-is-brittle-asthma-1.webp a.kansk.org/health/	41 KB 42 KB	215ms 213ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/what-is-brittle-asthma-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0d052b31d299895d1ec77a99c5579b6ceaf711abb929ef20f981e3f1ff92480 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 41972 last-modified Sun, 25 Jul 2021 23:40:46 GMT server cloudflare etag "a3f4-5c7fb2a6c1b80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FVtQdr2BP9cgLZLJrOd%2FOvfvkdXpr4yvm59Iplv5byKN%2FsOsnP%2Bvb8LwuJroDGV6dYV3a38HNHs94zuWDWza6xKyp794KU9NwOGQPow9ypZjn2z0wBMwp0c3PpgvHahgj5IyQGv5lQs9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde2c0119-AMS
GET H3	200	6-essential-oils-for-psoriatic-arthritis-worth-trying.webp a.kansk.org/health/	22 KB 22 KB	75ms 73ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/6-essential-oils-for-psoriatic-arthritis-worth-trying.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58b79c96d8cbdcb21474b6b71f7114aa8d310631533622280577c8f06412adf0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22320 last-modified Mon, 26 Jul 2021 00:06:46 GMT server cloudflare etag "5730-5c7fb8767d180" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOLCMBxPJq4cJbhx9bKvahyxk0ETPz71ioNcFhjF6zLrpe6Z095uTwP767tio4%2BJMZs6iHJd%2BuTbvpry%2Bjf4vsQ%2Bc%2B9wG045GeCI622aD6W2TvYPNP0bquPS7qbN%2BpEXjoi6G6LsL5YHXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde2e0119-AMS
GET H3	200	the-best-baby-walkers-of-2020-2.webp a.kansk.org/health/	30 KB 30 KB	218ms 217ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/the-best-baby-walkers-of-2020-2.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f6d304fb9d9641232a3bd82a5fa9d088428bf62d0e0a3e15a1729dbb416094 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30608 last-modified Sun, 25 Jul 2021 23:46:40 GMT server cloudflare etag "7790-5c7fb3f85b800" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMmD9SoiMVdiI3P82NEAnCuvc9cDALdKZmH6%2BQbXQghWvdOJDNyQ3JZYoIniJ51xzMYDDCRi5rD4jhn2UvhK0XDo8vgt3O8JJVY0AzfeHwTHx8UVd8IU0ViuxKy9wulb8jgdxDVkRfT8Ow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde300119-AMS
GET H3	200	what-is-a-peanut-ball-and-can-it-shorten-labor-1.webp a.kansk.org/health/	23 KB 24 KB	46ms 44ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/what-is-a-peanut-ball-and-can-it-shorten-labor-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2be7b151d80cf2a3e9db16d7fdb2e514d97959bcf35807f01e189fe862de2412 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23694 last-modified Sun, 25 Jul 2021 23:40:58 GMT server cloudflare etag "5c8e-5c7fb2b233680" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyHcoOssZ9diwQ1Sj3jVbvmejfoZY0Gv0vipqqmEjGKP1QqHT%2FJ2tTdT1gGWGDcfWRZWTqrPk4MfhEtQoYkBBMvMH5Hl44BVXPde4WFReBcV%2F%2BZfyD8lRvwA9cEK94YSjIycnNTwDfyACQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde330119-AMS
GET H3	200	rocket-loader.min.js Show response kansk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	35ms 35ms	Script application/javascript	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kansk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 11 Feb 2022 20:14:10 GMT server cloudflare etag W/"6206c392-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfD3g8vtzscFxIbZrtFQZo0Cb31J5mAqTutQ6XL1zgAQLjfJJeUPE6Rmlhm0m%2FM4bKVvSTaT9WqFlSgBUzT0g5XnsUUd93X3LSCfB1L172e9y6O1OkW1sDJQFD9wT%2BeC%2BrUrLBGyxHQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6de1127e0aa00119-AMS vary Accept-Encoding expires Thu, 17 Feb 2022 19:51:40 GMT
GET H2	200	plugin.min.js Show response get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/	389 KB 90 KB	47ms 8ms	Script application/javascript	2600:9000:225e:c600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js Requested by Host: kansk.org URL: https://kansk.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:c600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8e2f9f15b712039aef14fc478e93b248eefd2b1ba1ccbbd6cfd1f4292d2683e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:28:07 GMT content-encoding gzip last-modified Tue, 01 Feb 2022 15:26:58 GMT server AmazonS3 age 1414 etag W/"3b672a7708f6cf3573f2d53d5feff6ad" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA60-P4 x-amz-cf-id x62yOgGm2-GsDZVGm98wup6s3dDsVNaUiQn255Gy4MqMYv_3LO8RDg==
GET H2	200	how-to-ease-anxiety-at-night.webp a.kansk.org/health/	24 KB 25 KB	411ms 411ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/how-to-ease-anxiety-at-night.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d65552a2665d25f24623be118cf406ee22365c76d92514e47f07f9f55d5c3a5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24870 last-modified Sun, 25 Jul 2021 23:55:04 GMT server cloudflare etag "6126-5c7fb5d902600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFu%2FSqoQ0GlxOx3eoxECQCfN6uh63oMhTPfYut1Va3vRxs33Y0q43D7cpxt16aV3EsppVXaVxY1fEgAXLp%2F8ICoSIOyrhlWAggCLf227L5rwsuAFquABH%2BOFgTM%2BH8qN%2B7fR5%2BKrdeU2Sg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127eeb711977-EWR
GET H3	200	are-rest-days-important-for-exercise.webp a.kansk.org/health/	40 KB 41 KB	248ms 246ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/are-rest-days-important-for-exercise.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 350678e503b1e702ff676c203e5b788ac36b5be34695d852f2a2bb70421856c3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 40974 last-modified Mon, 26 Jul 2021 00:03:40 GMT server cloudflare etag "a00e-5c7fb7c51af00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G%2BvMejwX%2Fm%2FaY%2BJ%2Bo7vp9nw5O7smCQGm3eYwLNt97Lfeq0coZ5rhzj5z7c%2FrmfocHf5%2Fo9ANdNQeRPHX8Q%2BGwpX6SzPOVITJc%2FUpf%2FeLT%2BL2R05mUu5pzoMwTYf%2FonhPU2ZS3jEz5S01A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde350119-AMS
GET H3	404	overly.png kansk.org/template/genial/img/sidebar/	317 B 317 B	35ms 35ms	Image text/html	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kansk.org/template/genial/img/sidebar/overly.png Requested by Host: kansk.org URL: https://kansk.org/template/genial/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.15 Resource Hash d360450fb9ee3437df836818266b8b71b1821bd243853e628e8b5cd5441220be Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/template/genial/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 x-powered-by PHP/8.0.15 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndu9q4bYQsfXcVFNWlSlZYs%2BDjoyWnBV5es1nnZClAHwtOhsnXFwTAUgFtYGH1toEhFdaemgA2fZAkfILFlqibwJZ74ZvUsZBlVXBjk0%2BZ1jNAHDnf2E1OYR%2FxNoCZi6clqI8ky8WZs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 6de1127e6b2c0119-AMS expires Wed, 16 Feb 2022 19:51:32 GMT
GET H3	200	trypanophobia.webp a.kansk.org/health/	30 KB 31 KB	253ms 251ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/trypanophobia.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9949ce224aa5e0871871f6d4b97ccb0f839cefb95053b2ec45b437687bfa6d70 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30984 last-modified Sun, 25 Jul 2021 23:43:04 GMT server cloudflare etag "7908-5c7fb32a5d200" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aSLF8szhB7RNbXodPYYLM2x%2Ff08qOQWeDOAGTmUGNNORZg3tQbHyYL%2F3v0EKGMUO7UkcE2Hv1c6kSpqg5MCmUBauM7xB2gvD8iRYukwl2jMnYSNZtgsXJ5yAelCUgdB%2F0aKaC378DNSzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde370119-AMS
GET H3	200	how-to-identify-and-treat-a-hyperextended-elbow.webp a.kansk.org/health/	31 KB 32 KB	256ms 253ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/how-to-identify-and-treat-a-hyperextended-elbow.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b25ab67db6f6bdbc0a85648cd6181880ccec25c8f87a7cd8c7b9a01892422592 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31952 last-modified Sun, 25 Jul 2021 23:54:42 GMT server cloudflare etag "7cd0-5c7fb5c407480" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heDtKuLlh%2BjbrzsM%2B1VSr1GAeP%2BUuK%2Ffrn%2FTdjiCYjoGYTmjoz1iS9%2B3alk%2BwufkApCRQRdCRtEVD1C8jbX7p4o1dkcy275OfUSdUP8bj37YODveNfcRVzMXT8Fab5DFgeKqWpmpVgKHcQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde3e0119-AMS
GET H3	200	are-pink-dye-pregnancy-tests-better-1.webp a.kansk.org/health/	20 KB 21 KB	260ms 257ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/are-pink-dye-pregnancy-tests-better-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45dde29e2a5f69abc835be9d5d7a49c9bb5d847b92bc2671e3ede3bf8875899a Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20936 last-modified Mon, 26 Jul 2021 00:03:40 GMT server cloudflare etag "51c8-5c7fb7c51af00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UO5s9T9duhM0SVRP7syxURt%2BkcuaYSIzuUeqdMpTN34a8vbNIPqFeBkE4v%2FD2LwHjzJqqyga1%2B2g%2BvLDlIRr9A5XEXoC7hr%2FF2LJY8bY%2FW51M7Mb7YuKjZiqyMssRlNQhyvXCHBFiwVl%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde400119-AMS
GET H3	200	how-to-recognize-and-treat-kratom-addiction.webp a.kansk.org/health/	17 KB 18 KB	262ms 260ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/how-to-recognize-and-treat-kratom-addiction.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42bcee78a8fd9f3e4404f8fdaa0823a379045c8593273f79e7a67092eb7029f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17368 last-modified Sun, 25 Jul 2021 23:54:20 GMT server cloudflare etag "43d8-5c7fb5af0c300" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FvCnIsFbLubftKdVgiFxvwp4cNgKyumt6gyk%2B42FfXySr50FBQvsBUxKqEsza0%2B7iQpZfj88EI%2BSe9M5Y5DJONB74V9ggnaOgS%2B6xGagQcIjdlv84fVit0b5EhBnSZQRXGkfKoAkzmxFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde410119-AMS
GET H3	200	depression-after-a-miscarriage.webp a.kansk.org/health/	7 KB 8 KB	264ms 261ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/depression-after-a-miscarriage.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cc57961d0f9abe2a41ecc3ac20e5896d6adbb73522a9479a3c405fb2ccb67cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7242 last-modified Mon, 26 Jul 2021 00:00:10 GMT server cloudflare etag "1c4a-5c7fb6fcd5680" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRAuvIkOGEh8wOSnJizXgHC0SnzsCdM6GeYHkLHr5UrbTjh67P6s9zrP0IRlKrVGurPENB9CMssJFRPFWMTOQiGZ%2B%2Fp5BU23Yc2tUdnwwaRshUrttr7Kbb8GaVztwkzl8mA07hbtWDGm0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde440119-AMS
GET H3	200	influenza-b-symptoms.webp a.kansk.org/health/	36 KB 36 KB	265ms 262ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/influenza-b-symptoms.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13350b1208c8141ed0814e34d301ca0077bbe11a5e7ea5f8dd52780d80a45b5b Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36752 last-modified Sun, 25 Jul 2021 23:53:14 GMT server cloudflare etag "8f90-5c7fb5701ae80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boVfza6uSAoAYGZ8asxdXIF%2BYhqubEQvzuvkRSZxcRBLIdOSmN02OXrVPZsU7ZrJ%2BDdwHfnYJ6tGr79kmNXus6hMnRINsoz5AZfc15ECJgdAjMxeNe5M%2Bh63l9lppYCnq4o9LY0IJqBFvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde460119-AMS
GET H3	200	whats-causing-my-feet-to-cramp-at-night-and-how-can-i-get-relief.webp a.kansk.org/health/	19 KB 19 KB	282ms 279ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/whats-causing-my-feet-to-cramp-at-night-and-how-can-i-get-relief.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e45e16a85a054eda6f72a347b0bc9db016f8ae444b3dfd2875ef145436420a0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19256 last-modified Sun, 25 Jul 2021 23:39:00 GMT server cloudflare etag "4b38-5c7fb241aad00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFr3IPFCdVB6IjRRVOuPS74Jw6eGG4vwP7ZJHxEB5GHqqCVJnIIudUDId%2BBjt3KISGFnegQV80QYE1RaNpNBWr%2FubhxF4RBz%2FmPwBeGVYRjNpdu%2Fz1e4xgbRccqcFSA2OikmZyoDD5AFlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde480119-AMS
GET DATA	200 OK	truncated /	41 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/webp
GET H3	200	diagnosed-with-endometriosis-what-to-expect-in-the-journey-ahead-1.webp a.kansk.org/health/	35 KB 35 KB	284ms 282ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/diagnosed-with-endometriosis-what-to-expect-in-the-journey-ahead-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56d1d4949f7811b8a35b449445fabcb4faf409adf905cce698c081c02f93927e Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35554 last-modified Sun, 25 Jul 2021 23:59:58 GMT server cloudflare etag "8ae2-5c7fb6f163b80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04XjFYeZMdgfohqFPX%2FljI0V7itdBHfR3K7GP0XcPQb6OZ1H6G4kWJ4Y%2Bab72SKddk9cbXdoaNifckOx21qeh514w%2BHudo1N9w0J4hzrc0QqdwZI%2FViznQiVyJbuW0156EgNE1WfHfQIrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde4b0119-AMS
GET H3	200	what-you-can-do-if-youre-not-sexually-satisfied-in-your-relationship-1.webp a.kansk.org/health/	31 KB 31 KB	293ms 290ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/what-you-can-do-if-youre-not-sexually-satisfied-in-your-relationship-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8623fd1975531af83ab72d7e20e9065443b726f5251adc9f2a53546508aa1953 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31266 last-modified Sun, 25 Jul 2021 23:39:28 GMT server cloudflare etag "7a22-5c7fb25c5ec00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mq26czZI5zQNm9oA8hGsyOicWRvgAGIS%2BmklG0sCAhSygqxV1voiGcsW7LWR2jGJNB7hZ6GzF9tmDCveAGjY9JEd7Exf2GMn4CwTz3yBnBOW%2FVxo4AAfOCwnORLfD2LAEnDLU5HKh%2BCHRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde4c0119-AMS
GET H3	200	all-about-nanoblading-for-eyebrows-and-lips-1.webp a.kansk.org/health/	33 KB 33 KB	296ms 293ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/all-about-nanoblading-for-eyebrows-and-lips-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b2399acff8823caa1ede28ba14f6ce3cb7d3083c18c1ff7f7f87dad52f5bbb1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33726 last-modified Mon, 26 Jul 2021 00:04:08 GMT server cloudflare etag "83be-5c7fb7dfcee00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iv%2F%2BOKNvOawXIEmIp4xN2zT2lbtSqpg3LvsTyu%2Fp3NQ6QKbjXCb06f6bMQylFhiE%2F5nCXyqPUGTnrndx2PobMmCS4RbDxY0rM0ClDM0sYiflvyxSIrZjnPgTOYNAcm8oY%2BhUn7SH8dsuzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde4d0119-AMS
GET H3	200	faces-of-advancing-diabetes-4.webp a.kansk.org/health/	18 KB 18 KB	299ms 296ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/faces-of-advancing-diabetes-4.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d12a3994ea6496668a10e80c3f44304a5541016b409a8fc3617ab06c7bd5a5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18340 last-modified Sun, 25 Jul 2021 23:57:56 GMT server cloudflare etag "47a4-5c7fb67d0a900" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSALaqgzY9fOb87ndhFgNAkbk8OTLJp2k0AT1TiQZfMyzLO8ofl89yNc5D55Dgji6sHQY8Gv7TBsBd%2F2BkIUrUw45IkfbplukaGn5WdJnR19Np4mLKb8T7lQiqikCITB%2BA%2BSHQ7zv6KPjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde4e0119-AMS
GET H3	200	how-to-know-if-your-crohns-is-advancing-1.webp a.kansk.org/health/	37 KB 37 KB	301ms 298ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/how-to-know-if-your-crohns-is-advancing-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e7eaf02545a8d4e65f04b0f49171a56a2ac254c8c6ea3bc03497c4739a095cf Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37440 last-modified Sun, 25 Jul 2021 23:54:34 GMT server cloudflare etag "9240-5c7fb5bc66280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mu5r4ldY4ao3gsz34ahU86gzpxMjhtFWNKVtKbfCwX2YrVwGAm%2FZLPKbJMgb9T50z3lvww%2FQfDyPQwahoC%2Bg7kxq5ywyz%2F6BxjWzIx%2BYvbfdGTEZqiR%2FvPa0klU1T6DYszu8LpXynuUnQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde500119-AMS
GET H3	200	managing-the-symptoms-of-ibs-d-1.webp a.kansk.org/health/	49 KB 50 KB	304ms 301ms	Image image/webp	2606:4700:3030::6815:179d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.kansk.org/health/managing-the-symptoms-of-ibs-d-1.webp Requested by Host: kansk.org URL: https://kansk.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:179d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ee791e986769333ae1657b35704b38391b7c11cffb73e355fac82a0822d0685 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 50646 last-modified Sun, 25 Jul 2021 23:51:36 GMT server cloudflare etag "c5d6-5c7fb512a5200" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMFcWTSapeWpmwXWB3855LluE%2BeQW4cpqPgmvr1ao7pPC47CcgwrkQTM9vt0vhd2xz2z5S%2F%2BQNZifTqnYNV86W1IXkniAb4I7g8iYS1nvmka3m7bcPVzFYv6BAV9NDBtL53tY3ZtE9uKNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control max-age=2678400 accept-ranges bytes cf-ray 6de1127fde530119-AMS
GET H2	200	cookies_gdpr.js Show response cdn.zx-adnet.com/consent/	34 KB 10 KB	136ms 72ms	Script text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9899793140146811 Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding br last-modified Sun, 30 Jan 2022 07:45:32 GMT x-timer S1644954701.101190,VS0,VE61 etag "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br" x-served-by cache-hhn4034-HHN vary accept-language, x-country-code, x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control no-cache date Tue, 15 Feb 2022 19:51:41 GMT accept-ranges bytes x-cache-hits 0
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	198 KB 68 KB	155ms 70ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: kansk.org URL: https://kansk.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding br last-modified Wed, 09 Feb 2022 12:47:03 GMT etag "62038d97-10e38" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 69176 expires Tue, 15 Feb 2022 20:51:41 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	81 KB 27 KB	52ms 21ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash 3703389c8819062194a11cf420e6244e9a0ea9e173f6c73ed8e14cf41c1822cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27280 x-xss-protection 0 server sffe etag "1133 / 805 of 1000 / last-modified: 1644926774" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 15 Feb 2022 19:51:41 GMT
GET H2	200	prebid5.14.0.js Show response get.optad360.io/sf/	460 KB 142 KB	11ms 11ms	Script application/javascript	2600:9000:225e:c600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid5.14.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:c600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 23 Sep 2021 08:09:18 GMT content-encoding gzip last-modified Thu, 23 Sep 2021 07:59:54 GMT server AmazonS3 age 12570144 etag W/"6dd0a13bde35d2daa452bba998871016" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA60-P4 x-amz-cf-id 3U71nvVe8EPJRz-DIzvBxRoUY21Jz3yi64KZRTtveyZpTSS-YpmcpA==
GET H2	200	sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response cdn.zx-adnet.com/consent/	341 KB 66 KB	13ms 12ms	Script text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Requested by Host: cdn.zx-adnet.com URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9899793140146811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding br last-modified Sun, 30 Jan 2022 07:45:32 GMT x-timer S1644954701.184791,VS0,VE1 etag "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br" x-served-by cache-hhn4034-HHN vary accept-language, x-country-code, x-fh-requested-host, accept-encoding x-cache HIT content-type text/javascript; charset=utf-8 cache-control public, max-age=315000 date Tue, 15 Feb 2022 19:51:41 GMT accept-ranges bytes content-length 67057 x-cache-hits 5
GET H3	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	73ms 44ms	XHR application/json	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220215 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09a546e7358e4dad9ce3f48afd5e59695a724f04becd6451980c7186fad3f0cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS x-jsd-version 1.0.1253 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19140-FRA, cache-mxp6928-MXP timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"6a0-RO4We27WtK8+9LAr+u0Wuauf5KU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6de11282ce368397-MXP
GET H3	200	pubads_impl_2022021001.js Show response securepubads.g.doubleclick.net/gpt/	358 KB 120 KB	26ms 9ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash 7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:29:40 GMT content-encoding gzip x-content-type-options nosniff age 1321 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122668 x-xss-protection 0 last-modified Thu, 10 Feb 2022 09:35:14 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 15 Feb 2023 19:29:40 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	28 B 68 B	32ms 16ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kansk.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 6b9225aa7de87619cf2d0dd49d9798b9a51517312a38a1181e7d4e53671b79fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44 x-xss-protection 0 expires Tue, 15 Feb 2022 19:51:41 GMT
GET H2	200	ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response cdn.zx-adnet.com/consent/	230 KB 37 KB	112ms 111ms	Script text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Requested by Host: cdn.zx-adnet.com URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding br last-modified Sun, 30 Jan 2022 07:45:32 GMT x-timer S1644954701.306361,VS0,VE101 etag "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br" x-served-by cache-hhn4034-HHN vary accept-language, x-country-code, x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control public, max-age=315000 date Tue, 15 Feb 2022 19:51:41 GMT accept-ranges bytes content-length 37832 x-cache-hits 0
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9550.F1nFVb164buWBy2xS9HmN37ZXsteVnUdIre6c_7Qad7S7L9Htzb-3XWUH16Ov02A.hiHxBupVhgcBY3mN1fwXnjEnWrk%2C https://mc.yandex.com/sync_cookie_image_decide?token=9550.upbRREFhm8MkhSWxZS6jxe4M8voR3lDzrhd0hB6bGRV8mvBzq0P0GGSmqXOiIw_wyLbWSfYYY8I81NJc1vmskg%2C%2C.IMv7kGaRpg140lmZQRafo9T3ojM%2C	75 B 75 B	34ms 34ms	Image text/html	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9550.upbRREFhm8MkhSWxZS6jxe4M8voR3lDzrhd0hB6bGRV8mvBzq0P0GGSmqXOiIw_wyLbWSfYYY8I81NJc1vmskg%2C%2C.IMv7kGaRpg140lmZQRafo9T3ojM%2C Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9550.upbRREFhm8MkhSWxZS6jxe4M8voR3lDzrhd0hB6bGRV8mvBzq0P0GGSmqXOiIw_wyLbWSfYYY8I81NJc1vmskg%2C%2C.IMv7kGaRpg140lmZQRafo9T3ojM%2C date Tue, 15 Feb 2022 19:51:41 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 112 B	34ms 34ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT last-modified Wed, 09 Feb 2022 12:47:03 GMT etag "62038d97-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 15 Feb 2022 20:51:41 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	37ms 15ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=kansk.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	42ms 19ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=kansk.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	423 B 259 B	51ms 50ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3495254016862615&correlator=4208664883046346&output=ldjh&eid=31061815%2C31064540%2C31060033&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&gdpr_consent=CPUeCsHPUeCsHAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=121764058%3A22612148122%2Cncmhcso.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&dt=1644954701529&lmt=1644954701&dlt=1644954700368&idt=986&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=3637391505&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkansk.org%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=402486461.1644954702&ga_sid=1644954702&ga_hid=701537801&ga_fc=false&fws=644&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 9b8e2d35662a6e13b21da8d22d8ab382aebb56a558b7322c962cebccb36b2fc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://kansk.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	46ms 20ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 19c6dd296ea8bfa4b42d0e69f2a19b15b389814dc52f003c7ef978de53c7ca27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9804 x-xss-protection 0
GET H2	200	container.html Show response b830d6a24a2e0b8c5c255b2cc69f1395.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6F95	6 KB 4 KB	80ms 18ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b830d6a24a2e0b8c5c255b2cc69f1395.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 15 Feb 2022 19:51:41 GMT expires Wed, 15 Feb 2023 19:51:41 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	1 Show response mc.yandex.com/watch/83180614/ Redirect Chain https://mc.yandex.com/watch/83180614?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-... https://mc.yandex.com/watch/83180614/1?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...	331 B 413 B	35ms 35ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/83180614/1?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A123926506701%3Ahid%3A497618021%3Az%3A0%3Ai%3A20220215195141%3Aet%3A1644954701%3Ac%3A1%3Arn%3A743177962%3Arqn%3A1%3Au%3A1644954701645978415%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644954699790%3Ads%3A14%2C208%2C352%2C99%2C0%2C0%2C%2C3%2C0%2C1243%2C1243%2C1%2C714%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644954702%3At%3A%D0%97%D0%BD%D0%B0%D0%B5%D0%BC%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%202022&t=gdpr%2814%29aw%281%29ti%282%29 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash a635865ed92982e6ba754097da3c4e43f6cd09b2b4f9b11e4574583fe698829e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:41 GMT x-content-type-options nosniff last-modified Tue, 15-Feb-2022 19:51:41 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://kansk.org cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 331 x-xss-protection 1; mode=block expires Tue, 15-Feb-2022 19:51:41 GMT Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:41 GMT last-modified Tue, 15-Feb-2022 19:51:41 GMT location /watch/83180614/1?wmode=7&page-url=https%3A%2F%2Fkansk.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A799%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A123926506701%3Ahid%3A497618021%3Az%3A0%3Ai%3A20220215195141%3Aet%3A1644954701%3Ac%3A1%3Arn%3A743177962%3Arqn%3A1%3Au%3A1644954701645978415%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644954699790%3Ads%3A14%2C208%2C352%2C99%2C0%2C0%2C%2C3%2C0%2C1243%2C1243%2C1%2C714%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644954702%3At%3A%D0%97%D0%BD%D0%B0%D0%B5%D0%BC%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%202022&t=gdpr%2814%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://kansk.org cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 15-Feb-2022 19:51:41 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	36ms 14ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 15 Feb 2022 19:51:41 GMT
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	81ms 25ms	Preflight	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://kansk.org User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 15 Feb 2022 19:51:41 GMT access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods POST,OPTIONS access-control-allow-origin https://kansk.org access-control-max-age 86400 allow POST,OPTIONS cache-control no-cache, no-store, must-revalidate, no-transform expires -1 pragma no-cache p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	localstore.js Show response script.4dex.io/	483 B 944 B	176ms 76ms	Script application/javascript	2606:4700:20::681a:9a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 166999 x-amz-request-id tx8a9eacc7b532418f8d353-00620977f5 x-amz-id-2 tx8a9eacc7b532418f8d353-00620977f5 last-modified Sun, 13 Feb 2022 21:27:35 GMT server cloudflare etag W/"922cffdd75f7192f75231d92684885aa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NgeTAf6aQYuivOs3UR6IAmF6MYjAVsD8ni8qpJhUyorfzm%2FFvxk2wU27SZdgX3LyLnANp%2FaOad%2Bd9GSx%2B6u3eEpIKypmiYl%2Bipa9kLCoJP1uUWh00TUP8o4bCEJ4p3%2Fk9aEmutiC6L9JpAr"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 x-amz-version-id 1644787655409471 cf-ray 6de11285bbdf9506-LIS
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 334 B	199ms 128ms	XHR text/plain	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers date Tue, 15 Feb 2022 19:51:41 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://kansk.org access-control-allow-credentials true cf-ray 6de112857b380e16-MXP
POST H2	204	c Show response prebid.a-mo.net/a/	0 344 B	402ms 210ms	XHR text/plain	145.40.89.200 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://kansk.org date Tue, 15 Feb 2022 19:51:41 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server envoy x-envoy-upstream-service-time 116 vary origin, Accept-Encoding
POST H2	204	/ Show response ssp.wp.pl/bidder/	0 170 B	113ms 33ms	XHR text/plain	212.77.99.29 WIRTUALNAPOLSKA G...
General Check archive.org Show headers Download Go to Full URL https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL), Reverse DNS ssp.wp.pl Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://kansk.org date Tue, 15 Feb 2022 19:51:41 GMT access-control-allow-credentials true server nginx accept-ch device-memory, dpr, width, viewport-width, rtt, downlink, ect vary Origin accept-ch-lifetime 604800
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/	0 171 B	83ms 27ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://kansk.org date Tue, 15 Feb 2022 19:51:41 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	10 KB 5 KB	484ms 448ms	XHR application/json	185.33.220.100 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b386fd79fa4578d721dbe4f3d6f044435fa30e8d71b19d4f478444afaae973f Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Date Tue, 15 Feb 2022 19:51:42 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 2a88fe7a-53c4-44c2-a861-a5509efae2b5 Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://kansk.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/	0 405 B	106ms 68ms	XHR text/plain	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:41 GMT server nginx access-control-max-age 86400 access-control-allow-methods POST,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://kansk.org cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame A98F	13 KB 5 KB	31ms 15ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Tue, 15 Feb 2022 19:51:11 GMT expires Wed, 15 Feb 2023 19:51:11 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 30 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F656	783 B 1 KB	42ms 16ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1d0a275544e4bec09fbdf66d3cef8a365725c9518f3761da77ca5e106092671f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-J5XI71mI69Y8A8ClnksZtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 15 Feb 2022 19:51:41 GMT date Tue, 15 Feb 2022 19:51:41 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-J5XI71mI69Y8A8ClnksZtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response pagead2.googlesyndication.com/bg/ Frame A98F	35 KB 13 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:43:49 GMT content-encoding br x-content-type-options nosniff age 472 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13552 x-xss-protection 0 last-modified Tue, 08 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 Feb 2023 19:43:49 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F656	0 0	64ms 56ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=3495254016862615&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	200	adagio.js Show response script.4dex.io/	72 KB 23 KB	108ms 73ms	Fetch application/javascript	2606:4700:20::681a:9a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id tx0d040ce757df439db6aed-00620a7014 cf-ray 6de112866d8559ef-MXP access-control-max-age 3000 access-control-allow-methods GET x-amz-id-2 tx0d040ce757df439db6aed-00620a7014 last-modified Sun, 13 Feb 2022 21:27:34 GMT server cloudflare etag W/"30fd6d2dd89cb7d26d6396caca2f6c6e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RbMCQwduuYXnV1f7W06qjEiBj1HWrE3j6XOF9LBWTMI3MbXOaXzilkE29A5XeF5Jn7h%2BR0Y4ZbrenWGqpALHvOxNNnMX9IPYlq4%2F1dfiJlRJRXhna9%2B3eiOUMZjyfJinBNNsrYCIWy5bbC2"}],"group":"cf-nel","max_age":604800} x-amz-version-id 1644787654356307 access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true content-type application/javascript access-control-allow-headers Authorization
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame A98F	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Mev_3Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	48ms 48ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=3495254016862615&bg=!w8ClwITNAAbAtJCDwLQ7ACkAdvg8WmqL_gIQoxK0Vr38YYrU1fE_Uh_dc9YxhRM-ktzh6NbDOp4XuAIAAABLUgAAAAJoAQcKAMI60iuxTvh00sUHQK8HIpMe6xA1gIRPhbDcNXh3NoG3FFqGMJvMX6QY6SkvTpRC7nGqhnOn7wFNtJ467m2bX4cnxFAnIGyAhQn40rxW4g8fIM7CQQktNU-FQNO-USsRZzYrbqSKIrVzbkxlIPAPqQWm6xcAzIATfZAhIKWcCLy5sh2zxW0p7VT3NUQGgG5DVBJx_O9tbu5gsczN2irDDFvYIMKCWOPIl8Qnyzuu51khPphHjbavGdFlzU83Vqzzycg92ZkCzABPO58eLDj8dzPy1KC6fsbMZkzyht0U2ROnz8OWk55Ux_xdtSEqFTfUegREXgbUT5UC74sepQv08CO36MrZxJPPX90FwY-06b64smuULXU4tzrYQWgJrVGNO05HfAzKEwEpUKBiUyPsRBhyG9dgBd8xH2C8ime0FRh4E1jR5tEcO1WKjaOAZzrcZih_8bCl6mY9IMaNKLGo8wFfJXL68F4qyn9jNmuwAr3V79AVL7iIjLi3JYcHH3G_ct7pllOdxRNDVmLv8z0tQxWZoL_JvEuWdayIyfCHFzx-yl8Pft97xu8Bw7z_YNDOL4q2UI2jgZYtHusqBx6We-L29QVb-Rj27dwAlzkSOmgrRwCQVJfM_IWipcwK2utZuOrxgVSXj6m7b8sSSUHP4n1XfYYF322HIfUY-UU0aHlwwwJtI5RKqzStRXPsjB42qXuZ5mkAGirh-thosBAfFUqThfoENMbqTO_NcN-r6DceH6hJ_6jUnzJPOZCtKJ6ymGErUAzQJn_tDG_pX0XOXydtWqh3d8xQTt0tPIoEozOwn-ktVjBAcmxu_CUZQzCpYXwUJNv6XFrBXjyvKJKKT3JOJhw-tAwOzyxWMgw5Gd_G8AJYnQtUxbq3K7ytZoTspJVC55jWMwx4bc55ruTZhUb4wbbxA37p13iCIyftB02Kq3BZMu9rsf2XBRr_enqUbU1zrXLQDLmxEmdd_EU8hc1dIWESvp_MzdrWn3FyGgy5yZQKDwohRORGR0TaO4xF_oGMrms6xdqIhONJKWICsRadnjYwrGk61blSZsTy6vM9sxSXFV537MnJThpQqC8mMSyEUHCoT2H3Gm0MVqQUPSJWQwRY7hh7umNX12MMcv9jRWGhmGW_z1PjpZbTtKFdIvavMaOgIMbRgHM3DD1vBI-g_sGDy9vs9nhjrNQfhtlHzM9itQYFQTTglGLX0FJCPpcu Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response track.adform.net/adfscript/ Frame F9FE	1 KB 1 KB	29ms 18ms	Script text/javascript	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/adfscript/?bn=38516439;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0;rtbr=5740827832585331349_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fkansk.org%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2;rtbtest=0 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash d1fd5823754640a32760d1feba8b573caa3a0b3c321beff563abd661da5ed713 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:42 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 963 expires -1
GET H/1.1	200 OK	analytics.js Show response s.update.ib.adnxs.com/2/225545/ Frame F9FE	6 KB 3 KB	192ms 30ms	Script text/javascript	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fkansk.org%2F&ui=8872113371434408875&ap=&sr=10602&pp=1582986&ti=5740827832585331349&pv=&to=1&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=20608856&cr=233759280&c1=ams1&c2=0&cb=2063501354 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash 39687983983019f66e70585bfd433c2a5f705a890b694db5d38845190e596520 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:41 GMT Content-Encoding gzip Accept-Ch Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary * Content-Type text/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, no-transform, private, max-age=0 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 2935 Expires 0
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/222/ Frame F9FE	85 KB 29 KB	115ms 27ms	Script application/x-javascript	104.102.28.239 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/222/trk.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-28-239.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 15 Feb 2022 19:51:42 GMT Content-Encoding gzip Last-Modified Tue, 14 Dec 2021 10:40:55 GMT Server AkamaiNetStorage ETag "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin *, * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 29209 Expires Wed, 15 Feb 2023 19:51:42 GMT
GET H/1.1	200 OK	it ams1-ib.adnxs.com/ Frame F9FE	0 801 B	101ms 41ms	Image text/html	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fkansk.org%252F&e=wqT_3QKsBOgsAgAAAwDWAAUBCM2IsJAGEJXFsu_1j-HVTxgAKjYJTG4IsGEggj8Rbtyd0nQtfz8ZAAAAQDMz0z8hbg0SACkRJAAxARuw4XqUPzDY7ukJOOpSQPYISFtQsMS7b1i27HhgAGjT5JEBeACAAQGKAQNVU0SSBQb0NAGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ05mdHJoSVFyUW892ALu1APgAtD8UOoCEmh0dHBzOi8va2Fuc2sub3JnL4ADAIgDAZADAJgDF6ADAaoDJxoVNTc0MDgyNzgzMjU4NTMzMTM0OV8xKgQ1NjExOggzODUxNjQzOcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS41qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLDEu2-IBQGYBQCgBevXsMn30Kyie8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBbF1-gUECAAQAJAGAJgGALgGAMEGAAABJizwP9AGgvIB2gYWChABEC4BAHgQARgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgAaMougZAAMgHANIHDQkROgEcCNoHBgklROAHAOoHAggA8Ae-3QOKCAIQAA..&s=f1e7ae11bc38ee6bd9d26a642df91e25731b554a Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:42 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 595ffabe-fd81-4625-80db-94614d40ff5a Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bootstrap.js Show response s1.adform.net/stoat/626/s1.adform.net/ Frame F9FE	33 KB 16 KB	113ms 36ms	Script text/javascript	37.157.2.249 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Requested by Host: track.adform.net URL: https://track.adform.net/adfscript/?bn=38516439;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0;rtbr=5740827832585331349_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fkansk.org%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2;rtbtest=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:42 GMT content-encoding gzip last-modified Thu, 10 Feb 2022 15:16:56 GMT server nginx x-cache-status HIT vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Wed, 16 Feb 2022 22:44:37 GMT
GET H2	200	/ Show response track.adform.net/adfserve/ Frame F9FE	5 KB 3 KB	19ms 19ms	Script text/javascript	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/adfserve/?CC=1&bn=38516439;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0;rtbr=5740827832585331349_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fkansk.org%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=KOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2;rtbtest=0;js=1;adfxid=1x;5260;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fkansk.org%2F Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 0e39bb21c74e16c8e415310be707c7957ce75451e9570555e834c90820d1182d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:42 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 2498 expires -1
GET H2	200	r62eglto.js Show response ad4m.at/ Frame F9FE	35 KB 13 KB	83ms 30ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-goog-hash crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw== date Tue, 15 Feb 2022 19:51:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 31821 x-guploader-uploadid ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 26 Jan 2022 11:00:45 GMT server cloudflare etag W/"25dab5d0aa24f68116270a61c758162f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odCB5%2FqMJJW4AAom1y7tdryWtQyv%2BqykMPFk5FL09GLk%2Fa6qf7dYnW0zpmru2g5OeSnBXcJPZNj10ah0VuWKp9Mcbp6TfAmPaoHofOpaqHa5%2FvXkatWmodlF3Yzf97CRhwow7jY%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1643194845770575 content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11870 cf-ray 6de11289c96e83a2-MXP expires Tue, 15 Feb 2022 11:01:21 GMT
POST H2	200	/ track.adform.net/csimpr/ Frame F9FE	35 B 465 B	22ms 22ms	Ping image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/csimpr/?bn=38516439&csi=FFnMJl7HxkO-PvxZFYV1VKAPOK1fLzxBnKRWaOGiMrDrygPkIxxfk4U_XYS8qqaM8QzQYqWEBieUdcaqTWXZcGQBbo50IEXs0 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:42 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://kansk.org cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H2	200	ThirdParty Show response s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame F9FE	35 KB 15 KB	24ms 24ms	Script text/javascript	37.157.2.249 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash d80c5e589d01a4960b7737680fe9bd09293cab9db77fcfb7de2d64a1f0361037 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:42 GMT content-encoding gzip last-modified Thu, 10 Feb 2022 15:16:56 GMT server nginx x-cache-status HIT vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Wed, 16 Feb 2022 22:45:07 GMT
GET H/1.1	200 OK	rd_log Show response ams1-ib.adnxs.com/ Frame F9FE	0 801 B	13ms 13ms	Script text/html	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fkansk.org%2F&e=wqT_3QK3Bug3AwAAAwDWAAUBCM2IsJAGEJXFsu_1j-HVTxgAKjYJTG4IsGEggj8Rbtyd0nQtfz8ZAAAAQDMz0z8hbg0SACkRJAAxARuw4XqUPzDY7ukJOOpSQPYISFtQsMS7b1i27HhgAGjT5JEBeACAAQGKAQNVU0SSBQb0tAKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ05mdHJoSVFyUW892ALu1APgAtD8UOoCEmh0dHBzOi8va2Fuc2sub3JnL_ICLAoHRU5DX0NQTRIhWlJibDdfUjRGeVY0M2I1X3Jjakx2Qkg1MUtjUFIzRngw8gLoAQoMRU5DX1JUQl9EQVRBEtcBS094WTQxTklrTmxwS1I1bkZ0MHAxcFhrTWtHcjB2SVg1MjlrNlRMVjNnLWVfYnhhUVpYRm5LVTBVaXpGSlRPdnVxazdFTHA4Z2JVMHBwQVdsUUFGRkpCSkZod0hRT2dYVlVjZjdyMkNrZWE3TTkxZlJ4YnN6aTJTZUxqa1Z4WV9lakNyZjczTTlfUGxhdnhpS0Y1RjFURy1Mdm9xZElPUVFWR2ZVTDdZRTZNZXhSNWJVWGZERVpGWDVCd1RqazBiNktKUGpUZVAxeUhoUVc2RlhqU3J6dzLyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS41qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLDEu2-IBQGYBQCgBevXsMn30Kyie8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBbF1-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBoLyAdoGFgoQAAAAAAAAAAAAAAAAAAAAABABGAHgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgHANIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHvt0DiggCEAA.&s=38b2b315b538a10e31111a3a0199124b69dc213c&bdref=https%3A%2F%2Fkansk.org%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fkansk.org%2F,https%3A%2F%2Fkansk.org%2F& Requested by Host: kansk.org URL: https://kansk.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:42 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 28ea52e8-5483-4491-8d5e-494b72f617f7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	122ms 29ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?oz_pl=1&di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&_x=1 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fkansk.org%2F&ui=8872113371434408875&ap=&sr=10602&pp=1582986&ti=5740827832585331349&pv=&to=1&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=20608856&cr=233759280&c1=ams1&c2=0&cb=2063501354 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H/1.1	200 OK	main.js Show response s.update.ib.adnxs.com/2/2.49.0/ Frame F9FE	153 KB 48 KB	29ms 29ms	Script text/javascript	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/main.js Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fkansk.org%2F&ui=8872113371434408875&ap=&sr=10602&pp=1582986&ti=5740827832585331349&pv=&to=1&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=20608856&cr=233759280&c1=ams1&c2=0&cb=2063501354 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e4c78a6a71337392adb58b8334462c6f19a34bc8812b1ce3ca6f640f1c181037 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 15 Feb 2022 19:51:42 GMT Content-Encoding br Accept-Ch Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary Origin, Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public, no-transform, immutable, max-age=999999999 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 48511 Expires Fri, 24 Oct 2053 17:27:07 GMT
POST H/1.1	200 OK	vevent ams1-ib.adnxs.com/ Frame F9FE	0 817 B	18ms 18ms	Ping text/html	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkansk.org%2F&e=wqT_3QKsBOgsAgAAAwDWAAUBCM2IsJAGEJXFsu_1j-HVTxgAKjYJTG4IsGEggj8Rbtyd0nQtfz8ZAAAAQDMz0z8hbg0SACkRJAAxARuw4XqUPzDY7ukJOOpSQPYISFtQsMS7b1i27HhgAGjT5JEBeACAAQGKAQNVU0SSBQb0NAGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ05mdHJoSVFyUW892ALu1APgAtD8UOoCEmh0dHBzOi8va2Fuc2sub3JnL4ADAIgDAZADAJgDF6ADAaoDJxoVNTc0MDgyNzgzMjU4NTMzMTM0OV8xKgQ1NjExOggzODUxNjQzOcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS41qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLDEu2-IBQGYBQCgBevXsMn30Kyie8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBbF1-gUECAAQAJAGAJgGALgGAMEGAAABJizwP9AGgvIB2gYWChABEC4BAHgQARgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgAaMougZAAMgHANIHDQkROgEcCNoHBgklROAHAOoHAggA8Ae-3QOKCAIQAA..&s=f1e7ae11bc38ee6bd9d26a642df91e25731b554a&type=nv&nvt=5&jm=1003&sid=8024498851002046575&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20608856&sw=1600&sh=1200&pw=1600&ph=6289&ww=1600&wh=1200&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/222/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:42 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid eaf14794-76f6-4e5c-b009-51bb38dcd345 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://kansk.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame 55ED	2 KB 2 KB	119ms 65ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers date Tue, 15 Feb 2022 19:51:42 GMT content-type text/html; charset=utf-8 x-guploader-uploadid ABg5-UyeLBVhHAIZ8FltxpXlUM5R8DqPaKSU3c7b-68ZRE088IFETGm3uM0Na7cnC51Zn0zXDp62hk5X3OmPnMCJTig expires Tue, 15 Feb 2022 20:51:42 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 3 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 x-goog-meta- x-goog-custom-time 1970-01-01T00:00:00Z content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL cache-control public, max-age=3600 age 1083658 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x14BzRdkLGd%2F575zVjdaNfVDnrNj5ZGBt%2ByMQo95REnsV%2B7T%2F2%2FrneeR71uuWMUneqL2M1jC3%2BjRBg0ZBsuHktMgaI7glhq4cEoaxQ72VYFc%2Blcmcw6r8bxzOlK1eEwUUiHh4bg%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6de1128aa8805d23-LIS content-encoding br
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	29ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?oz_pl=1&di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&_x=1 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fkansk.org%2F&ui=8872113371434408875&ap=&sr=10602&pp=1582986&ti=5740827832585331349&pv=&to=1&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=20608856&cr=233759280&c1=ams1&c2=0&cb=2063501354 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	43ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954702544&oz_l=123&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H3	200	rs Show response ad4m.at/ Frame F9FE	874 B 1 KB	64ms 63ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf53476fba9a661cedeb6047901fbd0b02c391c4ca252bb9f4d7a96e4c51014f Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 15 Feb 2022 19:51:42 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6de1128bc86a6b2d-AMS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYJofG5qNuctCh%2BJrTmGRhD8G5W8h7YoMdbg6sgN%2BgDbIo5z9bd91DECrUYM6hbHxLbIVa%2BKB4gQm32zMozcj%2BfTNFcDIR82NA%2FW8fjR%2FQhiJv6z5KBnB0I7rElughXfuY2eMb4%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://kansk.org alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-143p
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	93ms 59ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://kansk.org User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 15 Feb 2022 19:51:42 GMT content-type text/plain content-length 24 access-control-allow-origin https://kansk.org access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-143p via 1.1 google alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76SPHfYkAAekf8M5WusgyoxIGC673RsWc7zGJcQ4AYmcCjF%2BnS6ERfdq2fyHwB0n0ZOBhzMMedgEDvnT0oY3e%2B%2BnkmN88lz0rAS8TX4DCXoWRBjyEfQ4u%2FjK4mW%2B%2FYWlqcb4a8Q%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6de1128b6f6f6b2d-AMS
GET BLOB	200 OK	f87ef8c2-f774-4f38-856e-d633b68969ef https://kansk.org/ Frame 6B1C	185 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://kansk.org/f87ef8c2-f774-4f38-856e-d633b68969ef Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 185 Content-Type application/javascript
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	28ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954702697&oz_l=4425&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H2	200	rar Show response as.ad4m.at/ad/ Frame E938	2 KB 2 KB	75ms 62ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=36034&b=4r4fEf2PAWf7qwtGHxtGHAtDqGFZTpTgwhK&f=r2gaQfm47zHwxDSAHGtGHJCgq6t5T8TXbad&c=728&d=90&e=v4CR3DORJDPDTzDr2Usp0ezJMV1p9CAG&g=904c7ad8b26c2c6f73dd0fe3d5f8b2bf%2F2775541412554409874&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1644954702721&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0%3Bcrtbdata%3DKOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJny6_JNPlCMJpVBArHpP3LIb537lJcYyMZrkDiVwmhTAv0TYBtf0ydstT7mjztlqMPB81ifIhuSCY3scUm5kCP3a7iCPj1oc7pjtOOjUZ_xpsKJvKZh0TUkUK1kNAmXr5zHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fkansk.org%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 924e0327be4e2e4f44ea451192fb4e50d755c4bbab60c35c220ac9c29c5fb0de Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers date Tue, 15 Feb 2022 19:51:42 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen cross-origin-resource-policy cross-origin x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block cross-origin-embedder-policy unsafe-none content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache cross-origin-opener-policy unsafe-none via 1.1 google alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6de1128c387e83a2-MXP content-encoding br
GET DATA	200 OK	truncated Show response / Frame 9F74	28 B 28 B		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd Request headers Upgrade-Insecure-Requests 1 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type text/html;charset=utf-8
GET H3	200	default.css as.ad4m.at/ad/style/0.1.18/one-ad/ Frame E938	81 KB 11 KB	67ms 67ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=36034&b=4r4fEf2PAWf7qwtGHxtGHAtDqGFZTpTgwhK&f=r2gaQfm47zHwxDSAHGtGHJCgq6t5T8TXbad&c=728&d=90&e=v4CR3DORJDPDTzDr2Usp0ezJMV1p9CAG&g=904c7ad8b26c2c6f73dd0fe3d5f8b2bf%2F2775541412554409874&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1644954702721&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0%3Bcrtbdata%3DKOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJny6_JNPlCMJpVBArHpP3LIb537lJcYyMZrkDiVwmhTAv0TYBtf0ydstT7mjztlqMPB81ifIhuSCY3scUm5kCP3a7iCPj1oc7pjtOOjUZ_xpsKJvKZh0TUkUK1kNAmXr5zHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fkansk.org%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=36034&b=4r4fEf2PAWf7qwtGHxtGHAtDqGFZTpTgwhK&f=r2gaQfm47zHwxDSAHGtGHJCgq6t5T8TXbad&c=728&d=90&e=v4CR3DORJDPDTzDr2Usp0ezJMV1p9CAG&g=904c7ad8b26c2c6f73dd0fe3d5f8b2bf%2F2775541412554409874&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1644954702721&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0%3Bcrtbdata%3DKOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJny6_JNPlCMJpVBArHpP3LIb537lJcYyMZrkDiVwmhTAv0TYBtf0ydstT7mjztlqMPB81ifIhuSCY3scUm5kCP3a7iCPj1oc7pjtOOjUZ_xpsKJvKZh0TUkUK1kNAmXr5zHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fkansk.org%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:42 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 530775 cross-origin-embedder-policy unsafe-none cf-polished origSize=83581 surrogate-control no-store cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 09 Feb 2022 16:25:27 GMT server cloudflare cross-origin-opener-policy unsafe-none expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6de1128cdca45d23-LIS cf-bgj minify
GET H2	200	490D44068224CBDF2DA6464E2F8ABF0D96E370F044A347DE74F58072D8D9477194067F7A7D514225CDB734A52C6471E0974C7557F95E6B9927BA56B35114A057 assets.ad4m.at/product_image/ Frame E938	12 KB 13 KB	52ms 40ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/490D44068224CBDF2DA6464E2F8ABF0D96E370F044A347DE74F58072D8D9477194067F7A7D514225CDB734A52C6471E0974C7557F95E6B9927BA56B35114A057 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=36034&b=4r4fEf2PAWf7qwtGHxtGHAtDqGFZTpTgwhK&f=r2gaQfm47zHwxDSAHGtGHJCgq6t5T8TXbad&c=728&d=90&e=v4CR3DORJDPDTzDr2Usp0ezJMV1p9CAG&g=904c7ad8b26c2c6f73dd0fe3d5f8b2bf%2F2775541412554409874&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1644954702721&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.008851-ZRbl7_R4FyV43b5_rcjLvBH51KcPR3Fx0%3Bcrtbdata%3DKOxY41NIkNlpKR5nFt0p1pXkMkGr0vIX529k6TLV3g-e_bxaQZXFnKU0UizFJTOvuqk7ELp8gbU0ppAWlQAFFJBJFhwHQOgXVUcf7r2Ckea7M91fRxbszi2SeLjkVxY_ejCrf73M9_PlavxiKF5F1TG-LvoqdIOQQVGfUL7YE6MexR5bUXfDEZFX5BwTjk0b6KJPjTeP1yHhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJny6_JNPlCMJpVBArHpP3LIb537lJcYyMZrkDiVwmhTAv0TYBtf0ydstT7mjztlqMPB81ifIhuSCY3scUm5kCP3a7iCPj1oc7pjtOOjUZ_xpsKJvKZh0TUkUK1kNAmXr5zHoFEk39kKgMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fkansk.org%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca5925c7f16109d248c8d7445d528cf0052524e35ac8b78e2d93cc476a4e20d4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-goog-hash crc32c=xx2USg==, md5=6S4Nkr1hOMfKLhLcMJUNQw== date Tue, 15 Feb 2022 19:51:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 126020 cf-polished qual=85, origFmt=jpeg, origSize=31407 x-guploader-uploadid ADPycdtcybP4GL9KP7HUkiTqPCnyJJqW2pzObGsKsVi6X42FHCyvFivQ0Be9Ii9Dcc46kYDHInre3RaNQmY4EFqY0_I x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12428 last-modified Fri, 11 Feb 2022 11:18:21 GMT server cloudflare etag "e92e0d92bd6138c7ca2e12dc30950d43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NFcYBLncmkevpO5p3vl9r0rqBSCpDPUxI4gv%2FLGNjTBcjJ%2BXwZwdYFoJFMDQwF3eFWE9Z%2BkwRkypTrJyV8p0GExgc%2FT0W12hpZnGhmG4PqnKBYhlptKH%2F1%2Bf%2FPPz4zL8AeQNFXnbSzwJyMj"}],"group":"cf-nel","max_age":604800} x-goog-generation 1644578301740860 content-type image/webp expires Wed, 16 Feb 2022 19:51:42 GMT cache-control public, max-age=86400 x-goog-stored-content-length 31407 accept-ranges bytes cf-ray 6de1128cca4e83a2-MXP cf-bgj imgq:85,h2pri
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	30ms 30ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954702869&oz_l=4207&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	28ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954703072&oz_l=386&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET BLOB	200 OK	48136bc6-f68d-49d4-90de-363e68da9756 https://kansk.org/ Frame F9FE	772 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://kansk.org/48136bc6-f68d-49d4-90de-363e68da9756 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 68e6dc958101c114fa6b33029f7acf093bc85a39f1f1bb2abd1fd52ba0d7b8a4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Length 772
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	29ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954703223&oz_l=2741&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/ Frame F9FE	0 145 B	28ms 28ms	XHR text/plain	52.31.191.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.ib.adnxs.com/2/2.49.0/225545/ARaEgpMDEAX9f4kw/postback?di=https%3A%2F%2Fkansk.org%2F&dm=728x90&gt=DE&pd=avt&pc=20608856&c1=ams1&c2=0&ac=%24%7BCPG_ID%7D&cb=2063501354&ui=8872113371434408875&ap=&sr=10602&pv=&to=1&cr=233759280&ci=225545&dt=2255451533761563475000&pp=1582986&ti=5740827832585331349&de=2&md=1&sid=ARaEgpMDEAX9f4kw&oz_sc=e87a9b333de7c33a008b0abf&oz_df=1644954703383&oz_l=928&cv=3 Requested by Host: s.update.ib.adnxs.com URL: https://s.update.ib.adnxs.com/2/2.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.31.191.243 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-191-243.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:42 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	vevent ams1-ib.adnxs.com/ Frame F9FE	0 817 B	45ms 45ms	Ping text/html	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkansk.org%2F&e=wqT_3QKsBOgsAgAAAwDWAAUBCM2IsJAGEJXFsu_1j-HVTxgAKjYJTG4IsGEggj8Rbtyd0nQtfz8ZAAAAQDMz0z8hbg0SACkRJAAxARuw4XqUPzDY7ukJOOpSQPYISFtQsMS7b1i27HhgAGjT5JEBeACAAQGKAQNVU0SSBQb0NAGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ05mdHJoSVFyUW892ALu1APgAtD8UOoCEmh0dHBzOi8va2Fuc2sub3JnL4ADAIgDAZADAJgDF6ADAaoDJxoVNTc0MDgyNzgzMjU4NTMzMTM0OV8xKgQ1NjExOggzODUxNjQzOcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS41qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLDEu2-IBQGYBQCgBevXsMn30Kyie8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQDgBQHwBbF1-gUECAAQAJAGAJgGALgGAMEGAAABJizwP9AGgvIB2gYWChABEC4BAHgQARgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgAaMougZAAMgHANIHDQkROgEcCNoHBgklROAHAOoHAggA8Ae-3QOKCAIQAA..&s=f1e7ae11bc38ee6bd9d26a642df91e25731b554a&type=pv&jm=1003&px=436&py=1102&bw=728&bh=90&sf=1&sid=8024498851002046575&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20608856&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/222/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:43 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 57a06851-bced-45b2-bcd0-4e08b98b7782 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://kansk.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	/ track.adform.net/serving/unload/ Frame F9FE	35 B 465 B	34ms 33ms	Ping image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/serving/unload/?version=15&unload=7271321795905545658@@38516439,8307754230723773484,100|1201|0|0|0|0|0|0|0||41|0|1325|8882420660004727787_5740827832585331349_1|||1|0|0|MDgv3RhQTdBX7EYoWZQhURdMxTtNFscZBxBly-dA7VyKe840afpnA8kllzAqADQrA7z_uuw_WOM1|||11|0|0 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kansk.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:44 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://kansk.org cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkansk.org%2F&domain=kansk.org&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=nDhmWXxkeW0wQXZ4MW9Hei9VWE51NGNmQmZxd0llbTZweGFnR2hxcGFiNUVORW8zaVJLV0dqNEUzTGM4Vmh2WHBWSU9WeUhLVzFFZG1ycHppZHVGVlhXOStMZnp6VndSRURiUzZkYUwzS2FzV3FQM2JqWG80L05MaVY4RU...	350 B 617 B	50ms 19ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nDhmWXxkeW0wQXZ4MW9Hei9VWE51NGNmQmZxd0llbTZweGFnR2hxcGFiNUVORW8zaVJLV0dqNEUzTGM4Vmh2WHBWSU9WeUhLVzFFZG1ycHppZHVGVlhXOStMZnp6VndSRURiUzZkYUwzS2FzV3FQM2JqWG80L05MaVY4RUJ0WTVoWCs2YmxmbDlIUDNmTnViK3dGaFZvT0tlcnROSFBKd0RzdkNkQnZ5T3BxdmZnMGtoYUdtdzNpb3VycUNYc0E2T2JKZzVXQm1zUlR4K3hodDN6TVczeTdXTVlIajdHUTVqMVJtUU5pRmVEWUR0d0VzPXw&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash d737bf87ec695be3e4bf8e64947377ffa7a53e8e6c23a071165b934c81811758 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:44 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2395 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT location https://mug.criteo.com/sid?cpp=nDhmWXxkeW0wQXZ4MW9Hei9VWE51NGNmQmZxd0llbTZweGFnR2hxcGFiNUVORW8zaVJLV0dqNEUzTGM4Vmh2WHBWSU9WeUhLVzFFZG1ycHppZHVGVlhXOStMZnp6VndSRURiUzZkYUwzS2FzV3FQM2JqWG80L05MaVY4RUJ0WTVoWCs2YmxmbDlIUDNmTnViK3dGaFZvT0tlcnROSFBKd0RzdkNkQnZ5T3BxdmZnMGtoYUdtdzNpb3VycUNYc0E2T2JKZzVXQm1zUlR4K3hodDN6TVczeTdXTVlIajdHUTVqMVJtUU5pRmVEWUR0d0VzPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://kansk.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2599 content-length 482 expires 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	82ms 28ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkansk.org%2F&domain=kansk.org&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://kansk.org User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin https://kansk.org access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1410 date Tue, 15 Feb 2022 19:51:44 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET H2	200	usersync Show response ssp.wp.pl/bidder/ Frame B9E1	442 B 436 B	39ms 38ms	Document text/html	212.77.99.29 WIRTUALNAPOLSKA G...
General Check archive.org Show headers Download Go to Full URL https://ssp.wp.pl/bidder/usersync?tcf=2 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL), Reverse DNS ssp.wp.pl Software nginx / Resource Hash b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers server nginx date Tue, 15 Feb 2022 19:51:45 GMT content-type text/html; charset=utf-8 content-length 306 accept-ranges bytes access-control-allow-credentials true access-control-allow-origin * content-encoding gzip last-modified Mon, 14 Feb 2022 12:27:19 GMT vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame CD61	52 KB 17 KB	65ms 15ms	Document text/html	151.101.193.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.18.0 (Ubuntu) Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 11 Feb 2022 04:03:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Tue, 15 Feb 2022 19:51:45 GMT Age 56904 X-Served-By cache-lga21974-LGA, cache-hhn4070-HHN X-Cache HIT, HIT X-Cache-Hits 1, 956960 X-Timer S1644954705.161274,VS0,VE0 Vary Accept-Encoding
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame 79BE	4 KB 1 KB	173ms 158ms	Document text/html	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.14.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7e85f926f996e054f15892053785c1f9b4bd2033cb88edda2262ddf9bc42fc0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kansk.org/ Response headers date Tue, 15 Feb 2022 19:51:45 GMT content-type text/html cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6de1129b08930e16-MXP content-encoding gzip
GET H2	200	wpjslib-sync.js Show response std.wpcdn.pl/wpjslib/ Frame B9E1	128 KB 33 KB	202ms 58ms	Script application/javascript	212.77.98.32 WIRTUALNAPOLSKA G...
General Check archive.org Show headers Download Go to Full URL https://std.wpcdn.pl/wpjslib/wpjslib-sync.js Requested by Host: ssp.wp.pl URL: https://ssp.wp.pl/bidder/usersync?tcf=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL), Reverse DNS wifi32.ras.wp.pl Software nginx / Resource Hash 0e98b6518835a8b9edc924cea1d97c8c211c6b0439f309619b1ccbec122ad213 Request headers Referer https://ssp.wp.pl/ Origin https://ssp.wp.pl Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT content-encoding br last-modified Tue, 15 Feb 2022 15:44:24 GMT server nginx etag W/"a1c3649b626ed3418383bf92f23cb414" access-control-max-age 300 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=900, stale-while-revalidate=86400 x-rgw-object-type Normal timing-allow-origin * access-control-allow-headers *
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CD61	0 729 B	51ms 51ms	Script text/html	185.33.220.100 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid aed2dece-1483-4b4a-b1b7-686fa5c60eb5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	201ms 20ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nDhmWXxkeW0wQXZ4MW9Hei9VWE51NGNmQmZxd0llbTZweGFnR2hxcGFiNUVORW8zaVJLV0dqNEUzTGM4Vmh2WHBWSU9WeUhLVzFFZG1ycHppZHVGVlhXOStMZnp6VndSRURiUzZkYUwzS2FzV3FQM2JqWG80L05MaVY4RUJ0WTVoWCs2YmxmbDlIUDNmTnViK3dGaFZvT0tlcnROSFBKd0RzdkNkQnZ5T3BxdmZnMGtoYUdtdzNpb3VycUNYc0E2T2JKZzVXQm1zUlR4K3hodDN6TVczeTdXTVlIajdHUTVqMVJtUU5pRmVEWUR0d0VzPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1292 date Tue, 15 Feb 2022 19:51:45 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4774028-8e98-11ec-8672-0a36a5c932cb https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4774028-8e98-11ec-8672-0a36a5c932cb	43 B 95 B	158ms 157ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4774028-8e98-11ec-8672-0a36a5c932cb Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129ec87b0e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4774028-8e98-11ec-8672-0a36a5c932cb date Tue, 15 Feb 2022 19:51:45 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	/ s.ad.smaato.net/c/ Frame 79BE	0 240 B	28ms 7ms	Image text/plain	2600:9000:223f:8c00:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:8c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT via 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront) server CloudFront cache-control no-cache, must-revalidate x-amz-cf-pop FRA56-P5 x-amz-cf-id 0zGBm8p-ajYVKykimOG1mhMt-3QubdErDPsnsAMUV6DY8Vv54iZrjA== x-cache FunctionGeneratedResponse from cloudfront
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8872113371434408875	43 B 106 B	159ms 159ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8872113371434408875 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129c4b160e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ff80cdff-65a6-4e10-b70d-d4533faaa772 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8872113371434408875 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed2cf264-a100-4521-893d-12b7ba248602	43 B 95 B	160ms 160ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed2cf264-a100-4521-893d-12b7ba248602 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129c4b270e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed2cf264-a100-4521-893d-12b7ba248602 date Tue, 15 Feb 2022 19:51:45 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8872113371434408875	43 B 95 B	166ms 166ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8872113371434408875 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129c9bdd0e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7159bbe2-2137-4faa-a94f-d38e9c536be8 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8872113371434408875 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 https://sync.quantumdex.io/setuid?bidder=between&uid=e593de4f-f7ab-532e-bee9-339fdce537ce	43 B 95 B	159ms 159ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=between&uid=e593de4f-f7ab-532e-bee9-339fdce537ce Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129eb8540e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=between&uid=e593de4f-f7ab-532e-bee9-339fdce537ce cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=e071d189-8ad3-f9b9-c822-3a71b8ffdec2	43 B 95 B	172ms 172ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=e071d189-8ad3-f9b9-c822-3a71b8ffdec2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129e5f840e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=e071d189-8ad3-f9b9-c822-3a71b8ffdec2 pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT cache-control no-store content-length 0 vary origin expires 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 79BE	0 474 B	77ms 14ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 79BE Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-F8Rb6oBE2uGvbrBzV1.V8pg8n7WKx3M9iVlo2is-~A	43 B 95 B	166ms 165ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-F8Rb6oBE2uGvbrBzV1.V8pg8n7WKx3M9iVlo2is-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129c6b6b0e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif Redirect headers location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-F8Rb6oBE2uGvbrBzV1.V8pg8n7WKx3M9iVlo2is-~A date Tue, 15 Feb 2022 19:51:45 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200	0.gif id5-sync.com/i/495/ Frame 79BE	43 B 1009 B	46ms 11ms	Image image/gif	54.36.109.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.156 , France, ASN16276 (OVH, FR), Reverse DNS p07.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 15 Feb 2022 19:51:45 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H/1.1	204 No Content	pixel ap.lijit.com/ Frame 79BE	0 277 B	54ms 15ms	Image text/plain	216.52.2.30 AS-INAPCDN-OCY
General Check archive.org Show headers Download Go to Show image Full URL https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 15 Feb 2022 19:51:45 GMT Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Access-Control-Allow-Methods GET, POST, DELETE, PUT
GET H/1.1	200 OK	usermatch Show response ssum-sec.casalemedia.com/ Frame F516 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1	2 KB 3 KB	71ms 71ms	Document text/html	104.102.29.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-102-29-65.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7113da1092e0e329671309927b0828b5d6fe1c33b4dd43680fa2057bd377da4e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|230|241|39|17|81|3|4 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Expires Tue, 15 Feb 2022 19:51:45 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Content-Length 1647 Connection keep-alive Redirect headers Server Apache Content-Length 315 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Tue, 15 Feb 2022 19:51:45 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Connection keep-alive
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame E9C5	15 KB 6 KB	68ms 20ms	Document text/html	104.108.144.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-144-214.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 01 Feb 2022 06:38:00 GMT etag "1300708-3de4-5d6ef246ef4cf" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5549 content-type text/html; charset=UTF-8 cache-control max-age=159956 expires Thu, 17 Feb 2022 16:17:41 GMT date Tue, 15 Feb 2022 19:51:45 GMT vary Accept-Encoding
GET H2	200	/ Show response onetag-sys.com/usync/ Frame D255	2 KB 814 B	29ms 7ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	204	pbsync usermatch.targeting.unrulymedia.com/ Frame 5A4C	0 0	65ms 15ms	Document text/plain	213.19.147.44 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US), Reverse DNS Software Tengine / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ Response headers server Tengine date Tue, 15 Feb 2022 19:51:45 GMT
GET H/1.1	200 OK	uc.html Show response sync.go.sonobi.com/ Frame C791	43 B 551 B	73ms 15ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sync.quantumdex.io/ Response headers Date Tue, 15 Feb 2022 19:51:45 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame E9C5	2 KB 3 KB	702ms 156ms	Script text/html	192.82.242.209
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98702480&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.82.242.209 -, , ASN (), Reverse DNS Software / Resource Hash 907de5879d1a89dd2ac4e342f09a3cd78f6b0dee13eae96bce8e776626fafad3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame F516 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgwEUbX-IEsAWzZza390mAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFfOWdlXOWYjnHpvV1IFW8U&google_cver=1&gdpr=1	43 B 1018 B	49ms 49ms	Image image/gif	104.108.145.8
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFfOWdlXOWYjnHpvV1IFW8U&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 104.108.145.8 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 15 Feb 2022 19:51:46 GMT Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFfOWdlXOWYjnHpvV1IFW8U&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame F516	170 B 502 B	66ms 36ms	Image image/png	142.250.185.194
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgwEUbX_IEsAWzZza390mAAABGsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame F516 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB&dcc=t	43 B 645 B	100ms 100ms	Image image/gif	209.54.176.128
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 209.54.176.128 -, , ASN (), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid X5BDQSV8H8Q8PJM8HDV8 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid F5W912R2GVW29TQEGMF2 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgwEUbX_IEsAWzZza390mAAABGsAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame F516	70 B 265 B	389ms 36ms	Image image/gif	15.197.193.217
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 -, , ASN (), Reverse DNS Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame F516 Redirect Chain https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1	43 B 315 B	45ms 45ms	Image image/gif	104.108.145.8
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 104.108.145.8 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 15 Feb 2022 19:51:46 GMT Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1 Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 106 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F516 Redirect Chain https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FZyKkhOaj8AOl4mTG52XwhWXj5QOyNvEQspYu9tg	43 B 1012 B	393ms 79ms	Image image/gif	104.108.145.8
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FZyKkhOaj8AOl4mTG52XwhWXj5QOyNvEQspYu9tg Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 104.108.145.8 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 15 Feb 2022 19:51:45 GMT Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=FZyKkhOaj8AOl4mTG52XwhWXj5QOyNvEQspYu9tg cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame F516 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=1&gdpr_consent=	43 B 1008 B	67ms 32ms	Image image/gif	104.108.145.8
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=1&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 104.108.145.8 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 15 Feb 2022 19:51:45 GMT Redirect headers Date Tue, 15 Feb 2022 19:51:45 GMT Server MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=1&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 15 Feb 2022 19:51:44 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F516 Redirect Chain https://ad.turn.com/r/cs?pid=21&gdpr=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4161660752806682793	43 B 1 KB	71ms 35ms	Image image/gif	104.108.145.8
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4161660752806682793 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Server 104.108.145.8 -, , ASN (), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 15 Feb 2022 19:51:46 GMT Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4161660752806682793 pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	setuid sync.quantumdex.io/ Frame F516	43 B 95 B	197ms 196ms	Image image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YgwEUbX_IEsAWzZza390mAAABGsAAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6de1129dee8e0e16-MXP content-length 43 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame D646	35 B 468 B	20ms 19ms	Document image/gif	37.157.4.24 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?party=14&cid=BF48C7BC-2A2E-4377-A589-A3A97B17724A Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 15 Feb 2022 19:51:46 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	503	b9pj45k4 Show response sync-tm.everesttech.net/upi/pid/ Frame E6B1	0 177 B	29ms 10ms	Document text/plain	151.101.130.49
General Check archive.org Show headers Download Go to Full URL https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.49 -, , ASN (), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server Varnish retry-after 0 accept-ranges bytes date Tue, 15 Feb 2022 19:51:46 GMT via 1.1 varnish x-served-by cache-hhn4041-HHN x-cache MISS x-cache-hits 0 x-timer S1644954706.112576,VS0,VE0 cache-control no-cache pragma no-cache content-length 0
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame 1B8A Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=0&gdpr_consent=	42 B 514 B	43ms 14ms	Document image/gif	185.64.189.110
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 -, , ASN (), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 15 Feb 2022 15:54:21 GMT content-type image/gif; charset=utf-8 content-length 42 x-lat amspug0023:0:339 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers Date Tue, 15 Feb 2022 19:51:46 GMT Content-Type image/gif Content-Length 0 Connection keep-alive Keep-Alive timeout=360 Access-Control-Allow-Origin * Server MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0 Cache-Control no-cache P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:38a9620c-0451-4d00-a1c2-793036bb7910&gdpr=0&gdpr_consent= Expires Tue, 15 Feb 2022 19:51:45 GMT
GET H2	200	setuid Show response sync.quantumdex.io/ Frame 2AA7	43 B 118 B	161ms 160ms	Document image/gif	2606:4700:10::6816:2560 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=BF48C7BC-2A2E-4377-A589-A3A97B17724A Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers date Tue, 15 Feb 2022 19:51:46 GMT content-type image/gif content-length 43 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6de112a11da70e16-MXP
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame E9C5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v0jHvCouQ3eliaOpexdySg%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	15 KB 15 KB	23ms 22ms	Image text/html	104.108.144.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-144-214.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT content-encoding gzip last-modified Tue, 01 Feb 2022 06:38:00 GMT server Apache/2.2.15 (CentOS) etag "1300708-3de4-5d6ef246ef4cf" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=159955 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5549 expires Thu, 17 Feb 2022 16:17:41 GMT Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	451	420486.gif idsync.rlcdn.com/ Frame E9C5	0 66 B	35ms 14ms	Image text/plain	35.244.174.68
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/420486.gif?partner_uid=BF48C7BC-2A2E-4377-A589-A3A97B17724A Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT via 1.1 google alt-svc clear content-length 0
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38a9620c-0451-4d00-a1c2-793036bb7910	0 128 B	216ms 20ms	Image text/plain	185.64.190.81
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38a9620c-0451-4d00-a1c2-793036bb7910 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.81 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:45 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Tue, 15 Feb 2022 19:51:46 GMT Server MT3 4133 baa842e master cdg-pixel-x10 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=38a9620c-0451-4d00-a1c2-793036bb7910 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 15 Feb 2022 19:51:45 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkY0OEM3QkMtMkEyRS00Mzc3LUE1ODktQTNBOTdCMTc3MjRB&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 336 B	483ms 155ms	Image image/gif	204.237.133.120
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 204.237.133.120 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT cache-control no-store, no-cache, private x-lat 10:0:466 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJvzjeUaMwjIQhj3_PQv4d8&google_cver=1	42 B 358 B	484ms 155ms	Image image/gif	204.237.133.120
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJvzjeUaMwjIQhj3_PQv4d8&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 204.237.133.120 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT cache-control no-store, no-cache, private x-lat 10:0:533 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJvzjeUaMwjIQhj3_PQv4d8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame E9C5	43 B 612 B	81ms 34ms	Image image/gif	169.50.137.182
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.50.137.182 -, , ASN (), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 14 Feb 2022 19:51:46 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4161660752806682793&gdpr=0&gdpr_consent=&us_privacy=	1 B 479 B	37ms 14ms	Image text/html	185.64.189.110
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4161660752806682793&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.189.110 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:44 GMT cache-control no-store, no-cache, private x-lat amspug003:0:406 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4161660752806682793&gdpr=0&gdpr_consent=&us_privacy= pragma no-cache date Tue, 15 Feb 2022 19:51:45 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=14196d5d-3a46-4fbe-b9a4-5c9c9b20be55	42 B 451 B	14ms 14ms	Image image/gif	185.64.189.110
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=14196d5d-3a46-4fbe-b9a4-5c9c9b20be55 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.189.110 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:43 GMT cache-control no-store, no-cache, private x-lat amspug005:0:641 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 15 Feb 2022 19:51:46 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=14196d5d-3a46-4fbe-b9a4-5c9c9b20be55 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	BF48C7BC-2A2E-4377-A589-A3A97B17724A pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E9C5	43 B 994 B	526ms 35ms	Image image/gif	2a05:d018:d29:3602:550:4075:c055:f9b4
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/pubmatic/BF48C7BC-2A2E-4377-A589-A3A97B17724A?gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:d29:3602:550:4075:c055:f9b4 -, , ASN (), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 content-type image/gif x-xss-protection 1; mode=block content-length 43 x-content-type-options nosniff
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BF48C7BC-2A2E-4377-A589-A3A97B17724A&redir=true&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-S57PYAdE2uV59kboZlcW6LVSzco7WCc-~A&gdpr=0&gdpr_consent=	0 260 B	261ms 19ms	Image text/plain	185.64.190.81
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-S57PYAdE2uV59kboZlcW6LVSzco7WCc-~A&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 185.64.190.81 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 16:20:53 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-S57PYAdE2uV59kboZlcW6LVSzco7WCc-~A&gdpr=0&gdpr_consent= date Tue, 15 Feb 2022 19:51:46 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame E9C5 Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8872113371434408875&gdpr=0&gdpr_consent=	42 B 233 B	475ms 156ms	Image image/gif	204.237.133.120
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8872113371434408875&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Server 204.237.133.120 -, , ASN (), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 19:51:46 GMT cache-control no-store, no-cache, private x-lat sv3pug013:0:505 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ce0009b0-0a39-43a4-b617-31ccb0921216 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8872113371434408875&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CD61	0 729 B	29ms 29ms	Script text/html	185.33.220.100 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Feb 2022 19:51:46 GMT X-Proxy-Origin 217.64.151.5; 217.64.151.5; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 03e4339a-675d-4736-b7b7-8674e2be2dfd Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT