urlscan.io logo urlscan.io
SecurityTrails logo

aubtu.biz Open in urlscan Pro
2606:4700:20::681a:dd6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3UnVJcs?fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Effective URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_ter...
Submission: On February 14 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 3 countries across 59 domains to perform 381 HTTP transactions. The main IP is 2606:4700:20::681a:dd6, located in United States and belongs to CLOUDFLARENET, US. The main domain is aubtu.biz.
TLS certificate: Issued by GTS CA 1P5 on January 23rd 2024. Valid for: 3 months.
This is the only time aubtu.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f20... 32934 (FACEBOOK)
1 1 23.222.12.49 20940 (AKAMAI-ASN1)
3 23.215.0.17 20940 (AKAMAI-ASN1)
2 146.75.36.157 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
12 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:25c... 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
9 2607:f8b0:400... 15169 (GOOGLE)
23 151.101.1.44 54113 (FASTLY)
16 2400:52e0:1a0... 200325 (BUNNYCDN)
9 2607:f8b0:400... 15169 (GOOGLE)
8 68.71.249.118 46562 (PERFORMIVE)
2 18.238.4.9 16509 (AMAZON-02)
1 104.244.42.8 13414 (TWITTER)
3 20 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.193.44 54113 (FASTLY)
1 2a03:2880:f10... 32934 (FACEBOOK)
3 2600:9000:20e... 16509 (AMAZON-02)
3 2620:116:800b... 14618 (AMAZON-AES)
2 7 68.67.161.208 29990 (ASN-APPNEX)
3 3 104.36.113.110 62713 (AS-PUBMATIC)
1 3 172.253.122.156 15169 (GOOGLE)
1 1 162.248.18.37 62713 (AS-PUBMATIC)
1 1 104.36.113.111 62713 (AS-PUBMATIC)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
4 5 34.200.65.202 14618 (AMAZON-AES)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 8.2.110.161 46636 (NATCOWEB)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 208.95.112.2 53334 (TUT-AS)
4 2600:9000:20e... 16509 (AMAZON-02)
1 2620:100:a001::c 19750 (AS-CRITEO)
2 2600:9000:25c... 16509 (AMAZON-02)
29 2607:f8b0:400... 15169 (GOOGLE)
18 141.226.124.48 200478 (TABOOLA-AS)
1 67.199.150.87 62713 (AS-PUBMATIC)
1 74.119.119.129 19750 (AS-CRITEO)
1 147.28.129.37 54825 (PACKET)
3 34.149.20.76 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 2602:803:c002... 26667 (RUBICONPR...)
1 198.148.27.131 19189 (PULSEPOINT)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 172.104.206.52 63949 (AKAMAI-LI...)
3 3 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
6 172.253.115.155 15169 (GOOGLE)
2 23.1.197.91 16625 (AKAMAI-AS)
1 2 23.58.225.215 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
7 2607:f8b0:401... 15169 (GOOGLE)
1 4 172.253.122.148 15169 (GOOGLE)
2 2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.118 16509 (AMAZON-02)
1 13.224.214.91 16509 (AMAZON-02)
1 13.224.214.58 16509 (AMAZON-02)
2 23.21.160.120 14618 (AMAZON-AES)
23 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:25c... 16509 (AMAZON-02)
6 23.48.8.52 16625 (AKAMAI-AS)
1 2 3.134.24.173 16509 (AMAZON-02)
2 141.226.224.48 200478 (TABOOLA-AS)
3 23.48.104.81 20940 (AKAMAI-ASN1)
1 2 35.244.193.51 15169 (GOOGLE)
1 2 15.197.193.217 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
2 18.222.52.200 16509 (AMAZON-02)
1 170.187.252.201 63949 (AKAMAI-LI...)
4 130.211.115.4 396982 (GOOGLE-CL...)
2 2 44.238.141.43 16509 (AMAZON-02)
5 3.14.137.50 16509 (AMAZON-02)
2 2 44.206.112.94 14618 (AMAZON-AES)
2 2 3.233.22.19 14618 (AMAZON-AES)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
1 2607:f8b0:400... 15169 (GOOGLE)
10 2400:52e0:1a0... 200325 (BUNNYCDN)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... ()
381 80
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
28    2606:4700:20::681a:dd6 (United States)

ASN13335 (CLOUDFLARENET, US)
aubtu.biz
5    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a03:2880:f203:e5:face:b00c:0:4420 (United States)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    23.222.12.49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-12-49.deploy.static.akamaitechnologies.com
www.tiktok.com
3    23.215.0.17 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-0-17.deploy.static.akamaitechnologies.com
sf16-website-login.neutral.ttwstatic.com
2    146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)
platform.twitter.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
embed.reddit.com
12    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
21    2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:25c8:d400:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
beacon.taboola.com
15.taboola.com
imprnjmp.taboola.com
16    2400:52e0:1a00::718:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
9    2607:f8b0:4004:c06::64 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
8    68.71.249.118 (United States)

ASN46562 (PERFORMIVE, US)
udmserve.net
2    18.238.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-9.phl51.r.cloudfront.net
platform-api.sharethis.com
buttons-config.sharethis.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
20    2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
stats.g.doubleclick.net
1    2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
9    2607:f8b0:4004:c09::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
pips.taboola.com
1    2a03:2880:f103:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2600:9000:20ed:d800:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
3    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
7    68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
nym1-ib.adnxs.com
3    104.36.113.110 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
cm.g.doubleclick.net
bid.g.doubleclick.net
1    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    104.36.113.111 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
5    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
1    2606:4700:3034::6815:513 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
2    208.95.112.2 (United States)

ASN53334 (TUT-AS, US)
pro.ip-api.com
4    2600:9000:20ed:e800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2600:9000:25c8:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
29    2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
1    67.199.150.87 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
underdogmedia-d.openx.net
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
5    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    172.104.206.52 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-206-52.ip.linodeusercontent.com
socket.unibots.in
3    2607:f8b0:4004:c09::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)
t.ocmhood.com
6    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
www.googleadservices.com
2    23.1.197.91 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-197-91.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    23.58.225.215 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-225-215.deploy.static.akamaitechnologies.com
ssl.connextra.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
7    2607:f8b0:4012:809::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    172.253.122.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f148.1e100.net
ad.doubleclick.net
2    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2607:f8b0:400b:7::9 (United States)

ASN15169 (GOOGLE, US)
r4---sn-tt1e7nlz.c.2mdn.net
1    13.224.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-118.phl50.r.cloudfront.net
ajs-assets.ftstatic.com
1    13.224.214.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-91.phl50.r.cloudfront.net
cdn.socket.io
1    13.224.214.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-58.phl50.r.cloudfront.net
agen-assets.ftstatic.com
2    23.21.160.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-160-120.compute-1.amazonaws.com
d9.flashtalking.com
23    2606:4700::6811:ca6e (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
2    2600:9000:25c8:3400:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
6    23.48.8.52 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-8-52.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
stat.flashtalking.com
2    3.134.24.173 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-24-173.us-east-2.compute.amazonaws.com
l.sharethis.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-match.taboola.com
us-vid-events.taboola.com
3    23.48.104.81 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-81.deploy.static.akamaitechnologies.com
t.sharethis.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    18.222.52.200 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-222-52-200.us-east-2.compute.amazonaws.com
ad-events.flashtalking.com
1    170.187.252.201 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 170-187-252-201.ip.linodeusercontent.com
api.unibots.in
4    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
2    44.238.141.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-141-43.us-west-2.compute.amazonaws.com
loadus.exelator.com
5    3.14.137.50 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-137-50.us-east-2.compute.amazonaws.com
sync.sharethis.com
2    44.206.112.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-112-94.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
1    2400:52e0:1a00::1067:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
1    2607:f8b0:4004:c06::95 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2400:52e0:1a00::1029:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2607:f8b0:400b:6::9 (None, )

ASN- ()
r4---sn-tt1e7nls.c.2mdn.net
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
870 KB
47 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1140
pm-widget.taboola.com — Cisco Umbrella Rank: 3346
trc.taboola.com — Cisco Umbrella Rank: 652
beacon.taboola.com — Cisco Umbrella Rank: 13157
15.taboola.com — Cisco Umbrella Rank: 5567
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3985
vidstat.taboola.com — Cisco Umbrella Rank: 3225
imprnjmp.taboola.com — Cisco Umbrella Rank: 8086
us-match.taboola.com — Cisco Umbrella Rank: 8260
us-vid-events.taboola.com — Cisco Umbrella Rank: 7820
pips.taboola.com — Cisco Umbrella Rank: 1776
cds.taboola.com — Cisco Umbrella Rank: 2040
377 KB
28 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
bid.g.doubleclick.net — Cisco Umbrella Rank: 1015
ad.doubleclick.net — Cisco Umbrella Rank: 149
pubads.g.doubleclick.net — Cisco Umbrella Rank: 402
262 KB
28 aubtu.biz
aubtu.biz
680 KB
26 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 29592
stream.unibotscdn.com — Cisco Umbrella Rank: 42921
3 MB
23 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 10037
313 KB
23 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
198 KB
16 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4734
buttons-config.sharethis.com — Cisco Umbrella Rank: 5372
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10375
l.sharethis.com — Cisco Umbrella Rank: 5050
t.sharethis.com — Cisco Umbrella Rank: 6330
sync.sharethis.com — Cisco Umbrella Rank: 3140
68 KB
12 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1052
d9.flashtalking.com — Cisco Umbrella Rank: 1922
cdn.flashtalking.com — Cisco Umbrella Rank: 1279
secure.flashtalking.com — Cisco Umbrella Rank: 2672
ad-events.flashtalking.com — Cisco Umbrella Rank: 1378
stat.flashtalking.com — Cisco Umbrella Rank: 1448
28 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659
www.google.com — Cisco Umbrella Rank: 2
68 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
imasdk.googleapis.com — Cisco Umbrella Rank: 476
512 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
731 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 523
ib.adnxs.com — Cisco Umbrella Rank: 272
cdn.adnxs.com — Cisco Umbrella Rank: 1940
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1480
52 KB
8 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3424
11 KB
6 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 3270
data.ad-score.com — Cisco Umbrella Rank: 3128
254 KB
6 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1326
r4---sn-tt1e7nlz.c.2mdn.net — Cisco Umbrella Rank: 372334
s0.2mdn.net — Cisco Umbrella Rank: 328
r4---sn-tt1e7nls.c.2mdn.net
18 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
6 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 676
image2.pubmatic.com — Cisco Umbrella Rank: 1105
image4.pubmatic.com — Cisco Umbrella Rank: 1314
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 479
2 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4165
lexicon.33across.com — Cisco Umbrella Rank: 1608
1 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 421
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1552
2 KB
4 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 30847
t.ocmhood.com — Cisco Umbrella Rank: 10988
13 KB
3 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 46554
api.unibots.in — Cisco Umbrella Rank: 53904
10 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1423
pixel.quantserve.com — Cisco Umbrella Rank: 1207
10 KB
3 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 26636
164 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1221
syndication.twitter.com — Cisco Umbrella Rank: 1517
131 KB
3 ttwstatic.com
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7168
22 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
5 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 493
832 B
2 ml314.com
ml314.com — Cisco Umbrella Rank: 2124
556 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1188
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1084
897 B
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1548
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 389
913 B
2 ftstatic.com
ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1818
agen-assets.ftstatic.com — Cisco Umbrella Rank: 1459
30 KB
2 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 7797
952 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1404
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
bidder.criteo.com — Cisco Umbrella Rank: 691
476 B
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5768
538 B
2 rubiconproject.com
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5263
fastlane.rubiconproject.com — Cisco Umbrella Rank: 538
8 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 541
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
69 KB
2 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4076
43 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 46839
1 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5993
145 KB
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 36312
13 KB
1 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 4686
944 B
1 openx.net
underdogmedia-d.openx.net — Cisco Umbrella Rank: 31585
589 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1234
11 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 854
14 KB
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 32033
758 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 3778
561 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2229
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
185 B
1 reddit.com
embed.reddit.com — Cisco Umbrella Rank: 67361
3 KB
1 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 4149
4 KB
1 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1916
21 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5619
427 B
0 sonobi.com Failed
sync.go.sonobi.com Failed
381 59
Domain Requested by
29 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
28 aubtu.biz aubtu.biz
23 c.bannerflow.net ajs-assets.ftstatic.com
c.bannerflow.net
aubtu.biz
21 pagead2.googlesyndication.com aubtu.biz
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
18 ch-trc-events.taboola.com aubtu.biz
18 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
16 cdn.unibotscdn.com aubtu.biz
cdn.unibotscdn.com
16 cdn.taboola.com aubtu.biz
cdn.taboola.com
12 fonts.gstatic.com aubtu.biz
fonts.googleapis.com
10 stream.unibotscdn.com vjs.zencdn.net
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
9 fundingchoicesmessages.google.com aubtu.biz
9 www.googletagmanager.com aubtu.biz
www.googletagmanager.com
cdn.unibotscdn.com
8 udmserve.net aubtu.biz
bid.underdog.media
7 csi.gstatic.com imasdk.googleapis.com
6 www.googleadservices.com googleads.g.doubleclick.net
aubtu.biz
5 sync.sharethis.com aubtu.biz
5 imasdk.googleapis.com googleads.g.doubleclick.net
cdn.unibotscdn.com
imasdk.googleapis.com
5 fonts.googleapis.com aubtu.biz
googleads.g.doubleclick.net
4 data.ad-score.com js.ad-score.com
4 ad.doubleclick.net 1 redirects aubtu.biz
4 nym1-ib.adnxs.com bid.underdog.media
aubtu.biz
cdn.adnxs.com
4 www.gstatic.com googleads.g.doubleclick.net
4 platform-cdn.sharethis.com aubtu.biz
4 ups.analytics.yahoo.com 3 redirects bid.underdog.media
3 stat.flashtalking.com aubtu.biz
3 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
3 t.ocmhood.com sdk.ocmhood.com
3 www.google.com 3 redirects
3 ssc.33across.com bid.underdog.media
3 image8.pubmatic.com 3 redirects
3 bid.underdog.media udmserve.net
bid.underdog.media
3 sf16-website-login.neutral.ttwstatic.com aubtu.biz
www.tiktok.com
3 cdnjs.cloudflare.com aubtu.biz
2 idsync.rlcdn.com 2 redirects
2 ml314.com 1 redirects aubtu.biz
2 ps.eyeota.net 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 loadus.exelator.com 2 redirects
2 ad-events.flashtalking.com aubtu.biz
2 match.adsrvr.org 1 redirects bid.underdog.media
2 lexicon.33across.com 1 redirects aubtu.biz
2 l.sharethis.com 1 redirects aubtu.biz
2 pixel.quantserve.com aubtu.biz
2 cdn.flashtalking.com ajs-assets.ftstatic.com
aubtu.biz
2 js.ad-score.com ajs-assets.ftstatic.com
js.ad-score.com
2 d9.flashtalking.com ajs-assets.ftstatic.com
d9.flashtalking.com
2 r4---sn-tt1e7nlz.c.2mdn.net googleads.g.doubleclick.net
aubtu.biz
2 gcdn.2mdn.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 ssl.connextra.com 1 redirects aubtu.biz
2 servedby.flashtalking.com aubtu.biz
2 stats.g.doubleclick.net www.google-analytics.com
2 socket.unibots.in cdn.unibotscdn.com
2 rules.quantcount.com secure.quantserve.com
2 beacon.taboola.com aubtu.biz
2 pro.ip-api.com cdn.unibotscdn.com
2 trc.taboola.com cdn.taboola.com
2 ssum-sec.casalemedia.com 1 redirects aubtu.biz
2 secure.adnxs.com 2 redirects
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 connect.facebook.net aubtu.biz
connect.facebook.net
2 cmp.inmobi.com aubtu.biz
cmp.inmobi.com
2 platform.twitter.com aubtu.biz
platform.twitter.com
1 r4---sn-tt1e7nls.c.2mdn.net aubtu.biz
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 cms.analytics.yahoo.com 1 redirects
1 api.unibots.in cdn.unibotscdn.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 us-vid-events.taboola.com aubtu.biz
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 secure.flashtalking.com aubtu.biz
1 agen-assets.ftstatic.com ajs-assets.ftstatic.com
1 cdn.socket.io cdn.unibotscdn.com
1 ajs-assets.ftstatic.com servedby.flashtalking.com
1 cdn.adnxs.com bid.underdog.media
1 vidstat.taboola.com cdn.taboola.com
1 bid.contextweb.com bid.underdog.media
1 ib.adnxs.com bid.underdog.media
1 fastlane.rubiconproject.com bid.underdog.media
1 underdogmedia-d.openx.net bid.underdog.media
1 prebid.media.net bid.underdog.media
1 prebid.a-mo.net bid.underdog.media
1 bidder.criteo.com bid.underdog.media
1 hbopenbid.pubmatic.com bid.underdog.media
1 15.taboola.com cdn.taboola.com
1 gum.criteo.com cdn.taboola.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 cm-x.mgid.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 secure.quantserve.com udmserve.net
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.facebook.com aubtu.biz
1 sdk.ocmhood.com cdn.taboola.com
1 syndication.twitter.com platform.twitter.com
1 platform-api.sharethis.com aubtu.biz
1 embed.reddit.com aubtu.biz
1 www.tiktok.com 1 redirects
1 www.instagram.com aubtu.biz
1 bit.ly 1 redirects
0 sync.go.sonobi.com Failed aubtu.biz
381 110
Subject Issuer Validity Valid
aubtu.biz
GTS CA 1P5		 2024-01-23 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
cdn.unibotscdn.com
R3		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-30 -
2024-11-16		 10 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
syndication.twitter.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.neutral.ttwstatic.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-06-30 -
2024-07-30		 a year crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-31 -
2024-11-20		 10 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
ocmtag.com
Cloudflare Inc ECC CA-3		 2023-12-25 -
2024-12-24		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
socket.unibots.in
R3		 2024-02-01 -
2024-05-01		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-03-08		 a year crt.sh
cdn.socket.io
Amazon RSA 2048 M03		 2023-10-22 -
2024-11-17		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-16 -
2024-03-26		 2 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2023-07-19 -
2024-08-19		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
cert1-prod.aut.a24365.net
R3		 2024-02-12 -
2024-05-12		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ad-events.flashtalking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-17 -
2024-09-03		 a year crt.sh
api.unibots.in
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
stream.unibotscdn.com
R3		 2024-01-29 -
2024-04-28		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Frame ID: 4902D2DB3B390DBA3050DBE2EC69193A
Requests: 223 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Faubtu.biz
Frame ID: 78339EE2CF7A20317B7D4F464E932D95
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 7D39D6A253C659DAF3C298B6F7F7F87E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&adk=1812271804&adf=3025194257&lmt=1707930684&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=6&bdt=2553&idt=813&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5591581463296&frm=20&pv=2&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1496
Frame ID: 624141A1AF2B6044554B9D900788BC52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Frame ID: 1156ABB5E4992CF45134AE9A7EAF410E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Frame ID: 19EEE7BE5E6CCD97C8F7AE55183F2477
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=3419237118&adk=250397188&adf=3641343473&pi=t.ma~as.3419237118&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1082&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1558
Frame ID: 7BC0EDDC0BC6302FBD19A8C3A71C49E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Frame ID: 57943DAE8E27635F118A66C79742474E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Frame ID: 283242B6C14F4D4FEECDAC1537F58478
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 63F05361A9EA80509B16B4E303EFF892
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C6A4A5AA346A4947186BCCBB428D07E7
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16619;tid=11;dt=7;p=1;rri=1707930687995_531416_166.0.205.80;mid=48186;zzz=%5B48186%2C1707930687%2C%22B0H9jbsTW440jTCE%2BkyiGA%22%5D;version=v2.23.3;cb=0.32208023081213;qqq=3.3102095336153106;session=1;style=slider;vis=visible;traffic_info=%7B%22utm_source%22%3A%22NG20%22%2C%22utm_medium%22%3A%22ngocptn%22%2C%22utm_campaign%22%3A%22JessicaWilson%22%2C%22utm_term%22%3A%22Sep%2B29%22%2C%22utm_content%22%3A%22TV%2B%26%2BMovies%22%7D;
Frame ID: B1CEF2EC1012BA66C2B0534E73E65A91
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: A6DACBA47B348892971B5C12EF2762F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E901AC0844E3F974A5072C32FCE87C64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E96F4461280C5EC90C641CF6D8B6376C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1E23552011638FCC23B216A0A5CF4108
Requests: 3 HTTP requests in this frame

Frame: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Frame ID: 8B763A14700C2831E60DC755A75A8567
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: CBCF3978C7777321C018B8A08F47AFB8
Requests: 6 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66531085&crid=6425865&dast=V9HfwCABYDAJ71P5xAlUolBACe9T-cQJVKJQUAAAAABgYA9AcAJDbzzJbL0Wyt8Y2Ma9Fm5HBLjCvTWmJZuCwLl2e0GU2GAECSs91qsFsu1xKLx-MWrUwbt8Q0ca0lw5FtsJyNPMORxwoAJMZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmz0FVd5reAMCCptPhc93rFa6L6XWXOK1_yWAtcRmddpNbdHS5NR-X3eUWHP2mv-cOAAAAAAAPAABiDQkQAD-AAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAAAKtFUaAAAmGwAC0SEHAEL77abLy2H2BwAAwEMECAAAgAAGCQDAAflwCQCAy0j-CQAAAAAAAAAAAAvA____fwzAwP1LgwzAQH9-cw8AwIMPAMADEQAAAMFbEQAjAAAAAABTgGaoI4BJAJ0AUAFYVAEAABCkWwEAXAEAAAQ0omp6LIcBAAAABIwBLNDD4vebHXaN3-0yAAAAAAAAAAAAM4D_M4B_NAChmvrhNADhSRR7NYBfQACANYBfQAAANgB1AwAAeAMIgAMIOgCCVgwGqwMIiNkBAAAAANwB_P___-sBgMxwsNuNLKPBcLNxDleL0WIysVhcM8tiMFwOJ77tASxL20GtGVwX9QGYCMvs9x0UlNPTY3YZREXX22J3OM2eg6ruNB3EBw3DcjII5gcwYYvRajLZLIez5WIyGI6Go9H-AAZishggwEQMlsvJZDHZrUar0Wa4G80GCwQQiMEEAShaNJisRqPJYjJcjSar2XKx220QgKJVq9loMxiuZpPZbrcaDobL0QgBJmwxWk0mm-VwtlxMBsPRcDQaIgBMeHwjx8rkXAt2w8FaNJjs1sKZceJWmCbLlW-xWjg2hrXo9TF9PLbdcmPYIoBgQM1eBBfpRPDwfX5_y9nkVrguptdFLNGcLNKJ7LLvDAe73cgyGgw3G-dwtRgtJhOLxTWzLAbD5XDi2zc8vpFjZXKuBbvhYC0aTHZr4cw4cStMk-XKt1gtHBvDWvT6mD4e2265Mewbu8FuuRnMhsN9YzfYLTeD2XC479AZvqvP2SisZbQenc-ZrUkNN6dB4TJYvCvVaaUtSA7a7FXkdGlmyqLO6Pf7_X6_3-_3-_0GredgNih858lu9Zl5Db7ndmYQGxSKWCI4XaQT0ct4uoglkqdFOlGYJhuHbzdyeVwuw2ZlsW0cq9lyONiYbDOHzWGZiCVK00U60UsGa4nL6LSb3KKjy635uOwut-DoN_09F_UfARhiNpsL5pLBai4crBIAAAAAAAAAAMASACaATICbAAAAAACcAAa12G0Wq-UCAFTATesC_Fh3hKUC3VnuAkDuYN0UoG_5HwM8wMP3-f0tZ5Nb4bqYXlcGAKjoomYG2AzgGYAg1mq1rAEAAAAEsAEAAAACuAF0A_AGEIgOxQEAAAAExgEAAAAAyAHsAwA1wY5eK_TE8QMUxGg5We4fAECAQqzVavl8sVarJRDw____TxAAAAAAAACgEwU!&cmcv=&pix=undefined&cb=1707930693672&uv=3378&tms=1707930693672&abt=adxsub-out_vA!adxsub-out_vB!dd_vA!esv_vA!rbcatc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=6f369946-c7d8-43da-b8e4-b2ae2ae34342&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 1DD08D561B5F851150D442E7B515841A
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V9HfwCABYDAJ71P5xAlUolBACe9T-cQJVKJQUAAAAABgYA9AcAJDbzzJbL0Wyt8Y2Ma9Fm5HBLjCvTWmJZuCwLl2e0GU2GAECSs91qsFsu1xKLx-MWrUwbt8Q0ca0lw5FtsJyNPMORxwoAJMZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmz0FVd5reAMCCptPhc93rFa6L6XWXOK1_yWAtcRmddpNbdHS5NR-X3eUWHP2mv-cOAAAAAAAPAABiDQkQAD-AAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAAAKtFUaAAAmGwAC0SEHAEL77abLy2H2BwAAwEMECAAAgAAGCQDAAflwCQCAy0j-CQAAAAAAAAAAAAvA____fwzAwP1LgwzAQH9-cw8AwIMPAMADEQAAAMFbEQAjAAAAAABTgGaoI4BJAJ0AUAFYVAEAABCkWwEAXAEAAAQ0omp6LIcBAAAABIwBLNDD4vebHXaN3-0yAAAAAAAAAAAAM4D_M4B_NAChmvrhNADhSRR7NYBfQACANYBfQAAANgB1AwAAeAMIgAMIOgCCVgwGqwMIiNkBAAAAANwB_P___-sBgMxwsNuNLKPBcLNxDleL0WIysVhcM8tiMFwOJ77tASxL20GtGVwX9QGYCMvs9x0UlNPTY3YZREXX22J3OM2eg6ruNB3EBw3DcjII5gcwYYvRajLZLIez5WIyGI6Go9H-AAZishggwEQMlsvJZDHZrUar0Wa4G80GCwQQiMEEAShaNJisRqPJYjJcjSar2XKx220QgKJVq9loMxiuZpPZbrcaDobL0QgBJmwxWk0mm-VwtlxMBsPRcDQaIgBMeHwjx8rkXAt2w8FaNJjs1sKZceJWmCbLlW-xWjg2hrXo9TF9PLbdcmPYIoBgQM1eBBfpRPDwfX5_y9nkVrguptdFLNGcLNKJ7LLvDAe73cgyGgw3G-dwtRgtJhOLxTWzLAbD5XDi2zc8vpFjZXKuBbvhYC0aTHZr4cw4cStMk-XKt1gtHBvDWvT6mD4e2265Mewbu8FuuRnMhsN9YzfYLTeD2XC479AZvqvP2SisZbQenc-ZrUkNN6dB4TJYvCvVaaUtSA7a7FXkdGlmyqLO6Pf7_X6_3-_3-_0GredgNih858lu9Zl5Db7ndmYQGxSKWCI4XaQT0ct4uoglkqdFOlGYJhuHbzdyeVwuw2ZlsW0cq9lyONiYbDOHzWGZiCVK00U60UsGa4nL6LSb3KKjy635uOwut-DoN_09F_UfARhiNpsL5pLBai4crBIAAAAAAAAAAMASACaATICbAAAAAACcAAa12G0Wq-UCAFTATesC_Fh3hKUC3VnuAkDuYN0UoG_5HwM8wMP3-f0tZ5Nb4bqYXlcGAKjoomYG2AzgGYAg1mq1rAEAAAAEsAEAAAACuAF0A_AGEIgOxQEAAAAExgEAAAAAyAHsAwA1wY5eK_TE8QMUxGg5We4fAECAQqzVavl8sVarJRDw____TxAAAAAAAACgEwU!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 83BC449CA4E86A3B067BC4C39FF2F100
Requests: 1 HTTP requests in this frame

Frame: blob://https://c.bannerflow.net/1fad0b0f-8fbc-4b7f-8198-68dc5191e099
Frame ID: 18DD993EB63074F85A6E28E0E4520F92
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 91A26E73F51D2B0BD0EB625447904A47
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A994F470B9D7426FC09E53CE414435C4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Frame ID: E178BE887D50AA3FB1B962A05486248C
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F20cab9ff-0a31-4bdd-aa36-158bf65b11e2.png&w=279&h=222&q=90&f=webp&rt=contain
Frame ID: 33109BEF1476B33AA195AAE6DD080809
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Frame ID: 136375F54A59E78E6DCBA00795B6ECBB
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: AB7FC877C9E8FE5C667F84362B603C64
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=B
Frame ID: 1E516D65C3BC600078FBF4A7AE8FEE1D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/CA/t_.js?cid=c010&cls=B
Frame ID: E76D32A96BEAF6FFBA75AD379A7440D9
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Frame ID: 4C2419804299A75CACFD7463326486CF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Frame ID: 6301BF40390E0ED8BC815F73AE194272
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

20+ Behind-The-Scene Photos That Reveal The Deepest Secrets Of The MoviesGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

  1. https://bit.ly/3UnVJcs?fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw HTTP 301
    https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=J... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

381
Requests

91 %
HTTPS

42 %
IPv6

59
Domains

110
Subdomains

80
IPs

3
Countries

8326 kB
Transfer

19251 kB
Size

108
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3UnVJcs?fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw HTTP 301
    https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://www.tiktok.com/embed.js HTTP 302
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Request Chain 77
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.2551514 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.2551514 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=5976599867382856814;cb=0.2551514
Request Chain 78
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.2551514 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.2551514&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlDRkIyQ0EtNjIzOC00OTdCLTgyRTktQTczMDMxQTVBNDRF&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.2551514&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D29CFB2CA-6238-497B-82E9-A73031A5A44E&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=29CFB2CA-6238-497B-82E9-A73031A5A44E
Request Chain 79
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D&s=199174&C=1
Request Chain 80
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.2551514 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.2551514&verify=true HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-RSfgsm9E2uIeXm.g0VtDmG8_w8lNb1ib~A
Request Chain 82
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.2551514 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LSM1U2LG-27-BO6V
Request Chain 83
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D HTTP 307
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=54474B5AF93641A18151A055347AB42C;cb=
Request Chain 84
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=1f54ee41-59ba-4aca-996c-b816f5ae1777
Request Chain 181
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 192
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFRc9QPTMZcXSKvndrr4Pn82zsAbs6pyidceSr_3-EbCQHxABILSOkUpg_cCUgegDoAH34pu0KMgBAqgDAcgDyQSqBOIBT9DCUYPDec0vhZjoTQV1dx-kBFiMezgIGwJPAkdxPzwMWPuQe2vG2Pd8jHkrs7a7xVfNPGHYn5zFa1WigOAQDZwv2VGqajTOSlVlIEKHlHP3dGjYWEySLx7ACc5rYB48g72yjK6_JMFPGYfuKoyCE-3-7PG0WD0aWfJ68QqUm0yM0YWUKzfj3Nu14gg__Z-isBk-vbY8P2_T3i4SD-eiaq-S8YgnRzR59NHaKN4aMIryc92G33QFk5imhTx7zNHEdctdmfF5NfHzufI7ARRK8mikCFsBwzT0F-A-MFwustIDi8AEgp_fhqAEiAXuxf3FSZIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEELayGNIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljUuIDQqauEA5oJPWh0dHBzOi8vZnJlZS53ZWJjb21wYW5pb24uY29tL21pbmltZS9jYS8_Y2FtcGFpZ249MTk3NDI1NDg3MTiACgHICwHaDBEKCxDAnYasnfi9gKIBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi00NDAyMzI5NjQyMTE1MTIwGAA&sigh=XsYsBYrjUS0&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_01guey_YuvCV04OGIDeFJUi7N9UlUKzw1kyWZv6iAZpFv90IN_rYR6Zmo6n7FxaP9bQ45Ztz9DzFcHkqKqOaQPDO9B1JmXuwk4wYAQ&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0075a077abbc20d0000000000000000%22,%222%22:%220x1a947cfd784dddc80000000000000000%22,%223%22:%220xfe207bccc3ab510d0000000000000000%22,%224%22:%220x9adedb4c2e068a880000000000000000%22,%225%22:%220x9406c8f3f084ae3b0000000000000000%22},%22debug_key%22:%228402301793153399040%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221889000143750567201%22}&andc=true
Request Chain 193
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaMtbQPTMZYW6Lu6Qrr4P4ICRyAvAlMTxdZKXk_3gEdvZHhABILSOkUpg_cCUgegDoAGTrJvYKsgBAqgDAcgDyQSqBPQBT9AXpjH5xPwgPnDK02_kwsW_j-H9isotKRC0xXKT_bpQ7p7jcMK8bTvELWqaWzgMn_TY05x-8uRz-aIiLpDsiyD1aQOmRpur-XPLTJeo9jWePKgxreJ7XAPXPPyOT7y-sfr5xW1ooMMb_3ePUKkncnDuVWJZNlwzfvPAjO0UkBgSkejIze3fKTF7xA0YFGujHXEa-KwFRU8kSWFYYq9JQI-tOKcRCIthqjCFlh7wENUfRnJ-Upp-Ud78pwSzBT7KlvKR19SBUPCQd-2dIXHRM0OCeEb0VsJFNl6q9V-gsM6CQ9zhSEcMMvGL8alMT7dERCiK-cAE9vzq5dwEiAXotNSWTpIFBAgEGAGSBQQIBRgEoAYCgAeT5Ou3BagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEIuDBtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljQo4TQqauEA5oJPGh0dHBzOi8vb3Bwc25vdGhvdC5jb20vP3N1YmlkND1hdWJ0dS5iaXomc3ViaWQ2PTY5MDYyMTE3MjQ4M4AKAcgLAdoMEAoKEJDSm7qLn4KEWhICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNDQwMjMyOTY0MjExNTEyMBgA&sigh=cCbpnLzJZDk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf__M3sKSUGyrHUQi1Mr61S1CLPTgLhMFa_L_cEDPyeLceZUELOJErrfN93xcTrBGL2729vLM-f62Bc9zt_AjebyZ8yo_c3HIHXms0YAQ&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8d7fc66493b1905e0000000000000000%22,%222%22:%220x600bcbeeed02eb7b0000000000000000%22,%223%22:%220x8a070635eaa3cd450000000000000000%22,%224%22:%220x11ba6780533ac66e0000000000000000%22,%225%22:%220x402f94bd65af5b580000000000000000%22},%22debug_key%22:%226812305011651201518%22,%22debug_reporting%22:true,%22destination%22:%22https://oppsnothot.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211459286547%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210725077397578608049%22}&andc=true
Request Chain 194
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 200
  • https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=2107273533&apnauc=5380958795810579264&bidid=5380958795810579264&dspid=3bc1d7fd2e HTTP 302
  • https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=aubtu.biz&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=2107273533&apnauc=5380958795810579264&bidid=5380958795810579264&dspid=3bc1d7fd2e
Request Chain 210
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5
Request Chain 211
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CMG4UQPTMZZDzL7Omrr4PsJGXgAnWlLzMdeDb2PXYEZyMspSPDBABILSOkUpg_cCUgegDoAHS-MviA8gBCagDAcgDywSqBOABT9ArClRXkFjsavI6J12n1z1M_xccdzq744gVE4-0tlNj1zx99f64s2P368qCOB0Oy96dIHAhW5o6NI15feQckCGsMR_Zp4kKBB8BNUpFWhHpCvGKZboyghHMiFQMg-RVqNPfJ3lfSFkzZYiiMLU4lS8LtGl6cTDbQp3T2-nvlcGuv_n9uVOQ2KSgjmfD3HKq-QQegHdBHSKp4fhPoJVaydUzGD79pexV9oRjsX0X3MYhOcdNMnDfDipGzxOHBb8IoccOInCJwOfcSEqsl_f8oGbsdqcqIQSuj0c6QY4czXrABPbe_-iXAogFwIf3sQegBi6AB4GI1kOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpY4NmF0KmrhAOaCRxodHRwczovL3d3dy5zcXVhcmVzcGFjZS5jb20vgAoByAsB2gwQCgoQ4Ku3ofD2u9UEEgIBA7gT5APYEwPQFQGAFwGyFxwKGggAEhRwdWItNDQwMjMyOTY0MjExNTEyMBgA&sigh=3dMVD7HVtQw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_2KcePejY0pTPwmu8elO51ETCubl1n5y23gTvbarjQ_XFKyzoId1uVgvQAiTESywERGUA7LyKxWZAqxP6e6yZiHWPTfvei114shgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25dfdd72138177cb0000000000000000%22,%222%22:%220x9e1dc845c80576bf0000000000000000%22,%223%22:%220x543e80b7e7a15ca60000000000000000%22,%224%22:%220xf01601361c5407c70000000000000000%22,%225%22:%220x4e883c4bb06a87550000000000000000%22},%22debug_key%22:%223205323955286331500%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211773456879620491969%22}&andc=true
Request Chain 219
  • https://gcdn.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/BB156DD7F56184EF7B4CCB3097300F639E8D4CCB.81620D5E78BFE7FCF2A94FB011C4C812B929B82B/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6AA685BEB5F3D595C2D229533A93BB5926F4C790.77F42E59725365D494C0582F00E6A087BC736A34/key/cms1/cms_redirect/yes/mh/Ts/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nlz/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
Request Chain 259
  • https://l.sharethis.com/pview?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&cms=unknown&publisher=64881bab940f820012547cd6&sop=true&version=st_sop.js&lang=en&description=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&ua=&ua_mobile=false&ua_full_version_list=&uuid=c6c960f2-3fd6-4f65-9a3f-b765c29b2bb8 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&cms=unknown&publisher=64881bab940f820012547cd6&sop=true&version=st_sop.js&lang=en&description=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&ua=&ua_mobile=false&ua_full_version_list=&uuid=c6c960f2-3fd6-4f65-9a3f-b765c29b2bb8&samesite=None
Request Chain 282
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1---&b=1&g=UT5aiWXtOzE8qF9e%2BPKYYbBcNQzAa1bllO62p3m9x%2Bk%3D
Request Chain 296
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 335
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=f16b5db66b0382616e44e3fbd49c5beb
Request Chain 336
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/int/lotame?uid=cc703b56ea1a620c27d3afc02da921bc&gdpr=0&gdpr_consent=
Request Chain 337
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=be8f4702-1c90-4978-860e-bd2d2fbd9362&gdpr=0&gdpr_consent=
Request Chain 338
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2JpcubTLx5FP513ulvjKm5gYFq_Fi2P_6jb93JKT5bHs&gdpr=0&gdpr_consent=
Request Chain 339
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3642068995841458201 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjA2ODk5NTg0MTQ1ODIwMRAAGg0IyOizrgYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=256288284fabad7eff2bfc0952b933a4a8dffd45148dc4ec16a63838fac30982f4cb09cee1a4f8eb&person_id=3642068995841458201&eid=50082
Request Chain 340
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://sync.sharethis.com/yahoo?uid=y-ZG9uMNZE2oNBBtqcE5JkloTO.Ia9qSOaCmM-~A&gdpr=0
Request Chain 381
  • https://gcdn.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B577E9BCC87C757B5A6EABCF2753C1467E4B6138.50468666809665FF167EDBFE7B818962889180/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-tt1e7nls.c.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84394740E6E4CA96956FB9F9630B812BAD845FCE.11C8661EB34D50603A013BF46D662C50A8B10A4B/key/cms1/cms_redirect/yes/mh/Mr/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nls/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4

381 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 20-behind-the-scene-photos
aubtu.biz/
Redirect Chain
  • https://bit.ly/3UnVJcs?fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
  • https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlq...
43 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4133d08a5cec0998522a7160c5ed8866415d4349616a96447ed5d54126ba61
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=3600
cf-cache-status
MISS
cf-ray
8556ee18ea5b36ac-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:24 GMT
last-modified
Wed, 14 Feb 2024 17:11:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxrKExSIp%2BRSDkDV8ohyCUPOmIk2n8DGyWYcA%2BzFirzayTknq2qIRM3PzfHDaxs89mdXIWX50mZfilf0Ufmm4cXavYODuJb2aU6v52REg8%2FOjf3y5p%2FAFQOjJwv7MRlh61%2Fn2%2F6p6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000; preload
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
324
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 17:11:23 GMT
location
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
referrer-policy
unsafe-url
server
nginx
via
1.1 google
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,500i,700,700i,900
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9878481b8acfa8e5318556717220f80fb5bdba2151d63ccc9b0b485156ac723d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 17:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 17:06:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 17:11:25 GMT
fontawesome-all.min.css
aubtu.biz/static/css/ 		60 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf530e82b09fa5e1f6d346ce80303378ae78b94cbfc10103102c40b05e386c81
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:24 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 28 Sep 2023 15:23:58 GMT
server
cloudflare
etag
W/"65159a8e-ee0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LneIY%2BDl7uzSyxsDlGE7uJCvmPvGMVO0tezA90BmBuuUPIaEaErCImAPO9npbgUZJ5YLXK3Zz%2BG0tANw3U0JnOiPKya0F3y4PQdR9t0bS9iwlSN2c%2Fbrc5Liyug4VbdcTip0n1gcrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
8556ee1aedbb36ac-YYZ
expires
Sat, 08 Feb 2025 16:12:26 GMT
bootstrap.min.css
aubtu.biz/static/css/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/css/bootstrap.min.css?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab8decd2652f344638ca63854d6b3571dee5534076c9d4fc5954306fd40ca41
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:24 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-279ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUTRbbMPmhVYnghiGz7McOLKTfkMbx5YP3vvyofbRUDeSn552pXo87w6aSewshsXfgK6WBKFitW0k9tMFH%2BDG6Goh3naHXV%2BdHv3%2BIlXONGbVYwMQkNRsYLoztE%2FI9XTmM0KQbxRwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
8556ee1aedbd36ac-YYZ
expires
Sat, 08 Feb 2025 16:11:28 GMT
owl.carousel.min.css
aubtu.biz/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/css/owl.carousel.min.css?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:24 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgBc5atDDLhv63WoXdxLgJNCqzumXYKVscx1OHsf414G42hrrIQ2DyF5kCmuM1GFvx86qYYRe1t5IS%2B4snVgf9jzn%2Fu722gsfGmLD8Vzu1BLFfOnWuzYx6ZEBQcZM4IxykOg9CluxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
8556ee1aedbe36ac-YYZ
expires
Sat, 08 Feb 2025 16:11:28 GMT
owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 		1013 B
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6685945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
331
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-3f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5bIt%2Fu80Wmb6WZUMILcYVTaPg9I%2FhUC4fZh4cZWhkBbRLKc%2BaUlMjizyWQLqEs%2BXtS%2BHlAtvwq0rITd81xkInoQuXkMpCxwTCU9b9VglfmDUWije7Xirew8u5bG3TnLMNxMBImWAhl05t8thXtN58j5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8556ee1d4ab639f6-YYZ
expires
Mon, 03 Feb 2025 17:11:25 GMT
iconfont.css
aubtu.biz/static/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/css/iconfont.css?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88edeb0da79da2ee0a1c7a42eaa5ea314965319d967c439b3e9c4eda2b1c010b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:24 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
cf-polished
origSize=13226
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-33aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7bUuiM5%2BZq4ZlwOCtRA6%2BoKA1Zk4Hw42MFjmCjrpC9WN7NSgUKEHdLfXhycGUUgfmD6YWoVzfLLtOOh7BkTeG2zt9lJQupv2IoWWYF%2BT5U3Pwm355RY%2BHEcLNA1JbSOgoB1wsCSrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
8556ee1aedbf36ac-YYZ
expires
Sat, 08 Feb 2025 16:12:26 GMT
style.css
aubtu.biz/static/css/ 		119 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/css/style.css?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d275b5f9293c043be9edcabd91840660933bd0e4226694a803c3c505cfcce8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:24 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
cf-polished
origSize=155241
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 19 Jan 2024 15:07:00 GMT
server
cloudflare
etag
W/"65aa9014-25e69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNp2Co%2FCXNTE5LjDw5BAg%2FY7oN%2F5fnrA2ihf35jI6lytjlbTqTX%2F9stSsfq66Sb%2BbYA3bPrJX0ECtRSwa8S2VFMirWeiR%2BvpdgrkbohHyua0fkqnrOJwmg0wte9quYjL6%2BrBJBn03w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
8556ee1aedc136ac-YYZ
expires
Sat, 08 Feb 2025 16:12:26 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6516670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TFci95airVGOwSulJkGCDMkEMvc99OzjhQBahiERG4jc%2Bh9ASk2U6cXJdH1cNTZk%2F7MZ2jkPwb9FIk1zJNzxCFqy%2FMbPhTJeHr1Yx318zw5hnHT0PusnHLyMAEcReeexf0YT1vaZbtTdkFD%2FKN8ergX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8556ee1d4abc39f6-YYZ
expires
Mon, 03 Feb 2025 17:11:25 GMT
logo.png
aubtu.biz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/logo.png
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3371d96ed7848b7969db5a444ceca733582737e0a4da79db081ac82a7c89964
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2466
cf-polished
origSize=1736
alt-svc
h3=":443"; ma=86400
content-length
1628
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Aug 2023 13:43:10 GMT
server
cloudflare
etag
"64c90bee-6c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wfsU6vOelUAguy7rmjGEypNKGV6e4EmhRTJTwcFjXKquAJxr%2Bqs6OvwhW5f6oujZ9sVHxI4sM%2B1nVYkX5hK99mJ8yRTAU3LAz4qfAqPcVGpG51L0sokl9xyd%2FFfUKDB5ScvMHj%2FCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1fcc2e36a1-YYZ
expires
Sat, 08 Feb 2025 16:29:02 GMT
logo_footer.png
aubtu.biz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/logo_footer.png
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66ee1b1e9274e0cc51176c8532dc781a5507bf6c4841fb6c9b591fb27b9b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2466
cf-polished
origSize=2427
alt-svc
h3=":443"; ma=86400
content-length
1677
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Aug 2023 13:43:10 GMT
server
cloudflare
etag
"64c90bee-97b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fBQ%2BtOYfWm%2BOhX7jzQ5zlHQf2BjRNclJ3ba1QXtm6UoOdXHARv%2Fpv%2FLJ2Jnx9hnQCdE8D7rT2URTsJLRKMpK8h5UQ5o3VB%2B4J%2F7n%2B0eUGR2RRBWF9jsH%2Fo1hm6ESdgOfL6RnjYIVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee233a6636a1-YYZ
expires
Sat, 08 Feb 2025 16:10:02 GMT
google_news.png
aubtu.biz/static/images/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/static/images/google_news.png
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a371abab0efdb74bba17c74b0a5f7262a8ee65f839c2e538a780284b383ed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2466
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
946
cf-bgj
imgq:85,h2pri
last-modified
Thu, 28 Sep 2023 15:23:58 GMT
server
cloudflare
etag
"65159a8e-3b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvo9P028lKI9%2BlTBYuxl3C1eWbO2YqDuCvikdycshb2cDNzNpXNXQAjHVlkNYZJPIcrX9W%2BQC8I6bF9SaeSRIW7uW8omzBZjI6hkRVdiDU%2Fq4r6HPUD%2B%2BeeDChBaQTFK%2Fp9MK%2FkyLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1e39b536a1-YYZ
expires
Sat, 08 Feb 2025 16:11:28 GMT
check-done.svg
aubtu.biz/static/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/static/images/check-done.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d6c3f957a460b764388ec4149862ecb8a9ef0fcff9665cb8b1e412528aa9af
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-498"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLlBGeiGK1QusrbwgpEWjGYSBAuuY4zvpSEeFJbdVBBOXHKQX0Vlgxl4lkntmWqJv4sNfhkVPuLnpZxlXzRtxazijWKSzNG6hbpjYOJHcMwWAG%2FrO3bz2PDdGaz9wvmIHRWkc7EjtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31104000
cf-ray
8556ee1e39b736a1-YYZ
expires
Sat, 08 Feb 2025 16:15:51 GMT
jquery.min.js
aubtu.biz/static/js/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53204067e4480cd48452851810064e68acb7c7c1027c0d43bed74d6f291849e0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-15856"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kP%2FxvykChCr%2F1RZt6hOxbElj6ngKIlwprfBNXyew3LSdf4FTGNaGWSy143tgwqwybeerwjvGYeqPogjzE3keLwc1b7l2C1yIeSqjcB3%2B3Ao83bZmCmp3tEkVBgdy1eMU9%2Bpg2N407Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee1e8a4336a1-YYZ
expires
Sat, 08 Feb 2025 15:30:39 GMT
jquery-migrate.min.js
aubtu.biz/static/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/jquery-migrate.min.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed352d20fba52e6b09d1b464e5c094d8792b46bff4f79e1a6daa521cd56e42be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-26b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEXCALS2LixOGLyBO8LnerlJNpRKxgvjEu66aHuKsAdu%2FF%2B7mxX8g9UMz0U%2FQyn2%2Bid1m%2FpPTx9dpSpQYFE6I1Wiu4o07D1jBD6d8mFuPveuKkVEH%2F51Nm8IIm8YUm6%2Bt2d%2FseQfeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee1e8a4836a1-YYZ
expires
Sat, 08 Feb 2025 16:09:59 GMT
jquery.magnific-popup.min.js
aubtu.biz/static/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/jquery.magnific-popup.min.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-4ef8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNXA5PV96QHxfdV8t9WC5Ad6A%2FKR%2BautJSBx5tkMEjNXncM9%2BEKkEaDHl8Q1LAIpzuq0VnCxOfPNNgAF5SzXVsTRQoeBrslDchCz37Zc18FabcyMCvdAZ%2FHlgXNYa7eBWdIrIWjUkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee1e8a4c36a1-YYZ
expires
Sat, 08 Feb 2025 16:11:28 GMT
easing-1.3.js
aubtu.biz/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/easing-1.3.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a365544c88ea14f136651c4331313b926f76259ae31424028c9d3ac1023655e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-de5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRlcsJdkSmA1PIs7yTaKyX9HxMbmfjGhb31D82FyQ7PG6AzCLa7UXJBI3HxbaIkWZtPltABywb0qotM%2FKJZTQZC2hkbP1oTAc7tC6OGkOhKPPUoAB9JEzHNlqxoH%2FXcP7SC6cezbDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee223fca36a1-YYZ
expires
Sat, 08 Feb 2025 15:57:49 GMT
owl.carousel.min.js
aubtu.biz/static/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/owl.carousel.min.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
W/"646aa287-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7i24PF2ulnvt5pnylhWPY76XoyEUKX5EtwS7vEwRn4CmB3XUr1CWgoNf0H4ozui%2F314hWKBI8WGiKcfBwpO7C9%2FE2YmCYg3VbniHrOiHMuqmusUF4wIAcq%2FZF%2FNGZ3uOCIwx3eRdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee233a5d36a1-YYZ
expires
Sat, 08 Feb 2025 16:16:00 GMT
main.js
aubtu.biz/static/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/main.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4343041d1e971ce75d38c53741a58f5e8b2c5dfb6b3e23b1b8f19bc9a2b20a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
cf-polished
origSize=15881
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 15 Dec 2023 04:12:25 GMT
server
cloudflare
etag
W/"657bd229-3e09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8VyURs2oVjSbx92DinkORw2xV41mPOHs91fYCGNCbUJexABzL542kOxQXwK3pjwJsPqzm4N2QPFOmTpLlDjUpLDxPPZo5VeaEp0E%2FxySx9NeIsf8qnoWl8Nkv94ip7lM1tfAHjVVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee233a6136a1-YYZ
expires
Sat, 08 Feb 2025 16:12:51 GMT
embed.js
www.instagram.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/embed.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f203:e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb3ce3cc92fd81cbc082e65f36f1eb6573058b73ec7e7521348d55a3277ce42a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 17:11:26 GMT
content-md5
VT2atvwFX0TNN0vD1Vw5Fg==
document-policy
force-load-at-top
edge-control
cache-maxage=1200s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19723
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-debug
IPXCtfyep5fNTtT93rMhEhZyBxLFhJ+s+swm1jvBK9fFdxxaWG/Rcr2it+OcqITO//gt3gSB2KVLSy/P/wzbEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
bc0a70ea9a4fb4fea7a31d1d3e3fe4e7
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"28f8c370c1b6e979eb5a3ff9b9f17439"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:31:26 GMT
embed_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Server
23.215.0.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
d0a5cda7
date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
9V0JLxhpwMvoJafbvKO0pQ==
x-cache
TCP_MEM_HIT from a23-52-15-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53919751) (-)
x-parent-response-time
23,23.192.44.245
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1
storage-tier
Standard
content-length
13263
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id
iad-1:fCqdon7Eal6RlFkfu077lO4qYc__y5u30k-v9uOmW7Gxh5PnoqVBnrV5sGNNToLu
x-api-id
native
etag
b2f83e35-5705-4835-962f-dbe0d55871a0
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
13fb1b8e-79ca-40e8-8dec-c5db316da63b
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:11:27 GMT

Redirect headers

x-akamai-request-id
15b82f1d
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
report-to csp-endpoint; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.feishucdn.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.twitter.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.zhiliaoapp.com facebook.com googletagmanager.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com twitter.com unpkg.com; report-uri https://mon.tiktokv.com/log/sentry/v2/api/slardar/main/?bid=tiktok_pns&ev_type=csp&revision=a292ce86-8f96-4ef5-9ad8-c9887f93b1d8
date
Wed, 14 Feb 2024 17:11:26 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402141711251DA353A94809E006FA1E-47B7560A71FA7EE7-00
x-cache
TCP_MISS from a23-222-12-45.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing
cdn-cache; desc=MISS, edge; dur=2, origin; dur=23
content-length
136
reporting-endpoints
csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
proxy-status
0000201302026000
pragma
no-cache
server
TLB
x-tt-logid
202402141711251DA353A94809E006FA1E
content-type
text/html
location
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,23.222.12.45
x-tt-trace-host
0142806d97932ba3e0a177d9d36b8b270161b5beae9458b568c87afd7406224f2d16bdd936ef53a7e88eac210e2a48b2db8cdaa659e77dd17894efa1305f5fb5be
expires
Wed, 14 Feb 2024 17:11:26 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kcgs7200114-IAD
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
widgets.js
embed.reddit.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/widgets.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
af661747e1e16baf44ab1687ae16a5bd53e09dc39f110beb2e4532782f2c5047

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Wed, 28 Jun 2023 16:17:28 GMT
server
snooserv
etag
"9b10976798f30c6e7ee6e4c86c27d683"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2540
ads.js
aubtu.biz/static/js/ 		681 B
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/js/ads.js?v=20240119114420
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bdb8afc29fe9b29e5aa5465faad34e40f9355a05a1fe20e7ecfaf709ee8f233
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469
cf-polished
origSize=1644
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 15 Dec 2023 04:44:00 GMT
server
cloudflare
etag
W/"657bd990-66c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8sE1AF%2Fgf7%2B07dVRWAJy6jR%2FxYoyhTubNmgWEpacwT%2FaGZxHMtB%2Bn%2B5XMiCRjM5AuiN%2Frh6woDRrN8uPWzLzpy6j6eU%2BqTA9CiNol37z5AVC9YmIA%2FiC39fHm9tPQMgK%2BdxnjNqcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31104000
cf-ray
8556ee233a6236a1-YYZ
expires
Sat, 08 Feb 2025 16:25:54 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5865450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sST6pybL1AOvkf3V0ZKLgBQ24oOJRxAQVn4WDCdeHORWivNVh3hEV0VK5rX%2BKyDkviivK6937SO8FEa1zXW%2FDGu4Lq8%2BOYa%2BZ6iSTVv7uk6wdtWYeOxT9gk0jHp99TkHB2cx3hgN6046O2g%2FWYYdYZe7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8556ee234d1239f6-YYZ
expires
Mon, 03 Feb 2025 17:11:25 GMT
pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v15/ 		16 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlEA.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6295dd65726503036a4ebc989d4cfc73e73f7e1bde4274e523d3525442669795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10407
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:01:33 GMT
fa-regular-400.woff2
aubtu.biz/static/fonts/font-awesome/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/fonts/font-awesome/fa-regular-400.woff2
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Referer
https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70
alt-svc
h3=":443"; ma=86400
content-length
13224
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
"646aa287-33a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1x1g3nTP3kcEBEr6cJoP5yjRMAAiN%2Bb%2FFeck%2FLt3ScUmt7Sp2JLtCwb4DiJCADD1G%2FdvF5mccTfbp%2Fl9OG0OvR6%2F%2BjTl9BDNNEyLpTXUzLigct4HHkdJlXGKeKn%2BiBB%2F2rztlO08A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1e8a3636a1-YYZ
expires
Sat, 08 Feb 2025 16:59:13 GMT
pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v15/ 		16 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b27d34226cc692a7d586e6371204cfb33d9a603fc42f7f0e82d74586bad320b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10622
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:06:48 GMT
fa-solid-900.woff2
aubtu.biz/static/fonts/font-awesome/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/fonts/font-awesome/fa-solid-900.woff2
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Referer
https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
"646aa287-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvkz8ERhuaIP0Jl%2FIcBTb7I05HkMuJm9JIXFjP%2BdRIipBH3ILUmZlYk%2FbuFvfMod%2FCbd3lHnkjafF93m5Sfpfz9uzuUZXItnmmqcDns%2FjZahSjU69rVD61ajJAPcEx0mOR8n8r60%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1e8a3d36a1-YYZ
expires
Sat, 08 Feb 2025 16:59:47 GMT
fa-light-300.woff2
aubtu.biz/static/fonts/font-awesome/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/fonts/font-awesome/fa-light-300.woff2
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdb7da70cadb7f081878a3df33f1634c2542cf54ac71bc0e3da76530b6e75ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Referer
https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70
alt-svc
h3=":443"; ma=86400
content-length
61500
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
"646aa287-f03c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol%2B61LNqp1m53%2B8s75nMZzS3IO4vZldpOAT%2FubsErr%2B%2BehpjjRJh%2FL4hPFxMsJlXEpdyV31X3QM8juQNAo4iy8OupcCgznoFOFo%2FI6HwIUcELZaMx%2BNR%2B9OzVVxjt7L4Y%2FMEsfp%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1e8a3f36a1-YYZ
expires
Sat, 08 Feb 2025 16:59:13 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v29/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20743
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 08:46:08 GMT
pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v15/ 		16 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedw.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e83171a76657083b9eb66e41f1fec53bf3b30fb9a15c9b9603f7ed21e3d2a6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10566
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 08:48:33 GMT
pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v15/ 		16 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlEA.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6992ecd8240bf68c6e363a53b3ea14a2b21377ad18bc8637342295a07d3ede0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10529
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:06:48 GMT
pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v15/ 		15 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61c050678dd8b3f4a7a9ed2f522bdef895d70837e012a83612cdd94a8702a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10457
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:09:32 GMT
pxiGyp8kv8JHgFVrJJLucHtF.ttf
fonts.gstatic.com/s/poppins/v15/ 		17 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtF.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127f0f4a142de6eb98c8372b42114331ad239ba656edc959f07fc0f3baf4bc35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11485
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:47:16 GMT
fa-brands-400.woff2
aubtu.biz/static/fonts/font-awesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/static/fonts/font-awesome/fa-brands-400.woff2
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Referer
https://aubtu.biz/static/css/fontawesome-all.min.css?v=20240119114420
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Sun, 21 May 2023 23:00:23 GMT
server
cloudflare
etag
"646aa287-12bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf7vRe6Ilmcou6brRlaEtwOsvFSZtN1d46RK%2F9KwzwNxtsp%2Fo21%2F7x2sz3C19ME%2FStJMNNnogAz4NKY972XCvKF6SsMn2UOh7nnlP9OydvquypoFyEqwlVFhvWTA4nFvkH5qWjNm8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee1e9a5136a1-YYZ
expires
Sat, 08 Feb 2025 17:00:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v29/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/css/style.css?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20778
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:06:48 GMT
0-0-amazing-behind-the-scene-photos-9.webp
aubtu.biz/medias/32/2023-09/aziz-alasmar/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/medias/32/2023-09/aziz-alasmar/0-0-amazing-behind-the-scene-photos-9.webp
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237eef813202c49c70ff131c7af8b1c37c0f8614f5d0ea9ebdde22e15cad8942
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2466
alt-svc
h3=":443"; ma=86400
content-length
95992
last-modified
Sat, 30 Sep 2023 02:47:39 GMT
server
cloudflare
etag
"65178c4b-176f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHvqeN1hEjh75A%2FjqX2ueqRNzldhjSYHOtdqJYalNkqf1a28vljk703hZmB8IUwzL4GkNAin3qPBJ6qd8PXZOyv2jorivPQboK0tiBYu7qefl4aRIh83a93OKnENHuAaDydAg52nng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee204ced36a1-YYZ
expires
Sat, 08 Feb 2025 16:07:40 GMT
0-0-amazing-behind-the-scene-photos-14.webp
aubtu.biz/medias/32/2023-09/aziz-alasmar/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/medias/32/2023-09/aziz-alasmar/0-0-amazing-behind-the-scene-photos-14.webp
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176d61cae564e04654ef56ff8644b0b87289f80af65f4a6168e0687c9702fa24
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2465
alt-svc
h3=":443"; ma=86400
content-length
114956
last-modified
Sat, 30 Sep 2023 02:47:46 GMT
server
cloudflare
etag
"65178c52-1c10c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJq3r787MX%2FvQhpGxApKrJRLRco25f%2BQXA223Jdnp1N0UK7LQK7%2FspXTM1We0EFGwQGZjo0BXJBj9b2IZMQXLh%2F%2FUjM6EdkCIF4KmSkvR%2BsHHDGE84JCiqxC2OmyT88Fr5JWtrc2gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee23fb8d36a1-YYZ
expires
Sat, 08 Feb 2025 16:15:34 GMT
0-0-amazing-behind-the-scene-photos-2.webp
aubtu.biz/medias/32/2023-09/aziz-alasmar/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aubtu.biz/medias/32/2023-09/aziz-alasmar/0-0-amazing-behind-the-scene-photos-2.webp
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a220277de8b31c861ef662f6ed07432996bf17a8841e19b03c7a6ca684dd7b9b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
strict-transport-security
max-age=2592000; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71
alt-svc
h3=":443"; ma=86400
content-length
101936
last-modified
Sat, 30 Sep 2023 02:47:31 GMT
server
cloudflare
etag
"65178c43-18e30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2MhiLWuldSUPtFTS3FmejCJqhMLyj0RhbmyJdD8yvaQtK3XselvqakQ9TA7Tjo3qHqmzVTzbNftQB%2F0WgPeIo82DHy2fK4q7vc2yYnk1u7OtAjmIs0qdka%2BkjhlKXCYlVwscJN5NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
8556ee23fb8f36a1-YYZ
expires
Sat, 08 Feb 2025 16:41:10 GMT
ads-slot
aubtu.biz/ajax/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/ajax/ads-slot?t=1707930686056
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055dbf3aa578627e5863b7d2afbfbb4b903e0c1485cbaabc404f9ed47c6da3a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
X-CSRF-TOKEN
eITpM5HS0ea0rmmWs0fsxJGfHBbD7mRTcWqdoiYs
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lxiGQCTtA7ZG0KnsgXAArDONTCUCGRhyL6sMvNQeN7R08G9L2csRU4C9%2FR1eB0Nkk7V4H%2F7zKC2fz949Ex%2FPiu2isIVhYAI15hHdpxl4qRGVzpZ22Ircu006EX8MUmTg380r5payA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
8556ee242bc536a1-YYZ
alt-svc
h3=":443"; ma=86400
cus-sct
aubtu.biz/ajax/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/ajax/cus-sct?t=1707930686062
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2290d3e896927e562689f28fac313e1d30bf137ce7a1018428ebbeec7671e38
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
X-CSRF-TOKEN
eITpM5HS0ea0rmmWs0fsxJGfHBbD7mRTcWqdoiYs
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTcEnMuHCRf3TmIaG12DM0dENa%2BzRryb1vRNZvN0BU%2F%2B7ijNaKMCFAdMLdfMiVH0CgFkpi5A4hpjacL3fxG3ZLXATLWMcx2PbmhsWnPIfldR7zchp8jMi9VwDm3bvcOLoQmX2nzEWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8556ee242bcd36a1-YYZ
alt-svc
h3=":443"; ma=86400
ads-code
aubtu.biz/ajax/ 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/ajax/ads-code?t=1707930686070
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20aa9d8cb4f435f12cae4404fd6f26e0c9f73ca45207a295bfbe0e7333afd4ed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
X-CSRF-TOKEN
{{ csrf_token() }}
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uy7GOt9fVdhbtWVDcbhNNaul5cxAfl9MIzTktYa5LD8soeLtuqhzh3ieZmV5v6khn1Q%2B4stFOVZG71EABgxBIRRlPCII5bQjM1t3ZSo9x6XeaR2JggloQTHj6N8KfbzJapppnFnfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8556ee243be236a1-YYZ
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c544fd959e80136cd60d9821bdf2a5b47111f6ac4f730e0a5835fb4a580b8fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51998
x-xss-protection
0
server
cafe
etag
7809409436852645967
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 14 Feb 2024 17:11:26 GMT
choice.js
cmp.inmobi.com/choice/L96hBvc-zR343/aubtu.biz/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/L96hBvc-zR343/aubtu.biz/choice.js?tag_version=V3
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:d400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
532584b26d9fe644c6aaa11b13a0eb1ee98ffb6a38978255b2a98163dbb0e789

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:28 GMT
content-encoding
br
via
1.1 c0b8ad2b338051f9d0463eb8de3956ae.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 08:45:33 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"82eb73d71b3765ccb43fc5812bffe3d9"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
iS7XqngYdwBYmSPa4eAN-zjxXkmfv9fXMPyHORR9zzAZEIL0d7SzZg==
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Feb 2024 17:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
rrCePZqqIWfRpgTm9UnO1hHz5gazlA0V7bEpcuLenfK6MlvuxJwx8GuBWRgjy8Ij016wb+OSKNFuUUUNJyuWTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		138 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153122571-11
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00e877f3c7aeb6c8d7943cf476bcd116310821e843da5d4eb8f0c6bed92b8556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:27 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138655475-60
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7cd9464b53b67e8af97224898bc022e4384a964dfa55ea7223c1eae8457eca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71263
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Feb 2024 17:11:27 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YRNMJ55HGC
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d899820faeebab057811f6827269af0289d0e2b7f3b7410c253933704155f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99346
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:27 GMT
loader.js
cdn.taboola.com/libtrc/pawsworld-aubtu/ 		539 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6faf5b4c5741eb6f6452815b7eec5d193dfa88e859969cf1c1ba06bc48b1c4e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
gz40WDgtJEMzCZ6QdX4Czs1ccObsykA2
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:27 GMT
x-amz-request-id
9H9TCHZ1B3CDZFR9
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
19
x-amz-replication-status
FAILED
content-length
56454
x-amz-id-2
yhL6nPChDqPAocF3G2GP8Mn61Zh56mqJ+FkDhz1t6dZdIqgq6YFnqZ4daHSqJU50vYUhryRO7K4=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 17:11:27 UTC
server
nginx
x-timer
S1707930687.037672,VS0,VE57
etag
"bf0bc3a93c054435ae6656e6ce4eea22b1299f61"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
25
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
player.js
cdn.unibotscdn.com/player/mvp/ 		274 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
6a21907ca6d0f36dd28404106c1e811de6662c8f2e009c55bc9ff11b9946d2ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
cdn-edgestorageid
1067
cdn-storageserver
SG-560
cdn-cachedat
02/05/2024 07:21:48
cdn-pullzone
873945
last-modified
Mon, 05 Feb 2024 07:20:25 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
630
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65c08c39-44764"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
aa18f688ee9393049203118611abf04e
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pub-4402329642115120
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-4402329642115120?ers=1
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5958ab789b2bfbd3e07ff776ede58598de0f8fc62f46a01c763480bbb5b0b650
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vROLKYscs3DZxN3NxLPfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-vROLKYscs3DZxN3NxLPfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6O_S82r2MT6Nj8bBUTACzFSnM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1622640/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1622640/taboola-push-sdk.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf9062e31835b30bd5fa9a38d421f81067064560a442a054c3a1875dc043210f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
BftUCt0ehGEs6cbvh5D7TTTMOuKKTQip
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:27 GMT
x-amz-request-id
5RDXXNGD4YXV1FKM
age
23334
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5352
x-amz-id-2
CICALiaxZoQAM5eOluCncUCGOQoa8vYr5VJSmL10n/d/aLypv2b0+rYlShZfyS5FHDm1T57MfSE=
x-served-by
cache-yyz4535-YYZ
last-modified
Tue, 07 Nov 2023 13:05:44 GMT
server
AmazonS3
x-timer
S1707930687.244098,VS0,VE1
etag
"ade5f23f3d4ed5365b163dece7cb2dc0"
vary
Accept-Encoding
content-type
application/octet-stream
abp
64
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
img.fetch
udmserve.net/udm/ 		47 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6;
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
da83a786f931dde4581ab5d39b68a10231f7112888835abb1f886ae50cdfdee9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-9.phl51.r.cloudfront.net
Software
/
Resource Hash
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:01:43 GMT
content-encoding
gzip
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
PHL51-P1
age
584
etag
W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
Ak6gNFb6TFKMPQ14gNK1IYKBv4zA5_FJHA7qEN9HAJrg6KGgocQtwA==
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 7833 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Faubtu.biz
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 17:11:26 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kcgs7200114-IAD
settings
syndication.twitter.com/ Frame 7833 		870 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=c9e03c21e0c0797bb9cc3cf0691c08ac3992619c
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Faubtu.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
6
date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 14 Feb 2024 17:11:27 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
bc32b06090885fb1
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
ca9c45c985b27357b0a185f11810f1a447339f1718d56ff57665203453698d21
content-length
338
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a3f91004dd23dad8c7f4885200c8a5fd80504b7d4b51c26e20f49a48d030402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141176
x-xss-protection
0
server
cafe
etag
14354549925866651374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:11:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/ Frame 7D39 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
57303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 01:16:24 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 01:16:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load.js
pm-widget.taboola.com/pawsworld-aubtu/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/pawsworld-aubtu/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bf0a61b4a6ea675667797f8451a7d3f0384a6dc1b7d7986a5e2541acb503953

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
xCnFBeiMlo6xZ4PQhnKuD4dCP2_UDCy1
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:27 GMT
x-amz-request-id
E0CFAZSS9YTH0SGS
age
1486
x-cache
HIT
content-length
1079
x-amz-id-2
lw/IVas8agJCRrCYTlhaaHBQmhb0cJXruRhdFas4CUCztI9kS8E5aiPvASyMeh5ZHD+/xLKGbBA=
x-served-by
cache-yyz4535-YYZ
last-modified
Fri, 29 Sep 2023 05:24:08 GMT
server
AmazonS3
x-timer
S1707930687.426883,VS0,VE1
etag
"f4d26ce0843cf8632172e5f79c329ae5"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20240214-30-RELEASE.js
cdn.taboola.com/libtrc/ 		854 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fbd6efbcce4ece6b3566e2c27b17c7f8cc43fe7ed5d4bb983d50259c045e719a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
nmZZ6wVgnA2t77TGvGjCzct2.HwM.I_N
content-encoding
br
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:27 GMT
x-amz-request-id
XW0WDSRMZE222ZE5
age
6868
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
180289
x-amz-id-2
C1KskiXKFGakHFXe4uLs3JjwUHdTp3UetvqcfoJydGydJ+wWGHrfdoh9Ro6oytW4F4RmYaCes9k=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:12:55 GMT
server
AmazonS3-br
x-timer
S1707930687.417923,VS0,VE0
etag
"d24b7c5746a5c3ecd29a066f3e6ed74a"
vary
Accept-Encoding
content-type
application/javascript
abp
98
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2653
embed_lib_v1.0.12.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.0.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
d0a5dc3f
date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
Ii2KDY04c+qhyedihYMYdg==
x-cache
TCP_MEM_HIT from a23-52-15-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53919751) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1
storage-tier
Standard
content-length
1343
last-modified
Mon, 22 Jan 2024 19:32:26 GMT
opc-request-id
iad-1:F-GmYTpkYt4vDKCxQ32P6nxr9VDw3mn9AP2-fBr-X2mRyQIYr7QV2qcFWqYCRzTY
x-api-id
native
etag
39224e5f-f8d6-4c55-ae56-505ef909cad1
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
text/css
version-id
13b130cc-bbd0-4b27-8c6e-b602952002cb
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:11:27 GMT
embed_lib_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.0.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-0-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
d0a5e1de
date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
VdrKLRPQL3RIZZVN/2qAoQ==
x-cache
TCP_MEM_HIT from a23-52-15-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53919751) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
5716
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
opc-request-id
iad-1:yvN4bg8V8-n5uytG9lmowXEj__qYpCIackWLttBw9Erfjec96OfeMYVrdXo-gqes
x-api-id
native
etag
68841bda-6450-4a08-b6f6-faff4077f49a
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
b9e60eac-0991-435a-9f2a-a3f1f27e2397
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 15 Mar 2024 17:11:27 GMT
664671111664184
connect.facebook.net/signals/config/ 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/664671111664184?v=2.9.145&r=stable&domain=aubtu.biz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce095675ea5298dfa1fb4f00b865391dbc8e11fba004bb46d7c21bbc2e36776c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Feb 2024 17:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
WItywMgEQQSfQWVbf86+212QUOpu9RDyUIPRQnwgK13J7orzoONXH2x4s30qSzUX4PmwN/i2Vo5Uf6lNZXuNCA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1622640/taboola-push-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e17103af4adc7602c2bef81ef6a45f83b558713d22d86a488f1a3b6ff0aaee5

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6076
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Thu, 08 Feb 2024 07:04:18 GMT
server
cloudflare
etag
W/"65c47cf2-2f04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by4DiOqkCYHw3JFGzJoV31oYyCExy2qcMH%2FHiLg%2FWarFmr8dWJwTepF%2F2g7Qmk6n8zHx3PMSsjyXJCiPUmpkrMk%2BCrs1WQiVDhk9qOBaMQ2k%2B2wJRVVzUjh0Cqkhr7wYs%2FBJQz%2BLDPSB3keNKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8556ee305fd136d3-YYZ
js
www.googletagmanager.com/gtag/ 		247 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0NE7QEYY49&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
486ac1c74d1a2d3b7d0af9377dd58e498439bd478f1b5d88bc3dcc5fdd0298e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87698
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:27 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YRNMJ55HGC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77a0cb3657198fe84cd7e35701eed9aa61ceab2fc36cd8cef930c833939de1c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98421
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:27 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E0V1KFEERL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138655475-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ccf317a671f2a302308208462181077cf964f37540f3cdc5e2f1b4d01d879c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83507
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:27 GMT
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-276513175-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRNMJ55HGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
907c7c3cc61d1160481c1f4a9fcad333e4650a06baf38eb5ad57769d6de05794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67128
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Feb 2024 17:11:27 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YRNMJ55HGC&gtm=45je42c0v9132936568za200&_p=1707930686581&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130507260.1707930688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707930687&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4677
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRNMJ55HGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-20220605.4.js
pm-widget.taboola.com/pawsworld-aubtu/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/pawsworld-aubtu/pmk-20220605.4.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/pawsworld-aubtu/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
913c656964ae440b6b05d8faa7212450d9b90bf5c6f968f474c6fe2692c891e1

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
xArSPsN11DcH8nx2ujgNyFcL9G2QSEgu
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:28 GMT
x-amz-request-id
ZV6SCZWWYYVBXB72
age
1671452
x-cache
HIT
content-length
28797
x-amz-id-2
r43q2Q6Z417mtvseIEuvoZuENTbFhnz6G1oumCi4Zq0qbxx+YN1M61agOomy3D2K/nTjDENL2RQ=
x-served-by
cache-yyz4532-YYZ
last-modified
Fri, 29 Sep 2023 05:24:07 GMT
server
AmazonS3
x-timer
S1707930688.154316,VS0,VE0
etag
"da198237ffcb95c40b83d0c828fe474a"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=aubtu.biz
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/L96hBvc-zR343/aubtu.biz/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:d400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:40:58 GMT
content-encoding
br
via
1.1 c0b8ad2b338051f9d0463eb8de3956ae.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
1831
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"996d26bedab319e9c7d582033f52619f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
oMBOJvKlaxhtyuVzHArm4lMkX0PJjNiteZRVag06qQDq53X7dCe2vg==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=664671111664184&ev=PageView&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&rl=&if=false&ts=1707930688047&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbc=fb.1.1707930688040.IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fbp=fb.1.1707930688046.800599626&ler=empty&cdl=API_unavailable&it=1707930687476&coo=false&exp=e1&rqm=GET
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Feb 2024 17:11:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
64881bab940f820012547cd6.js
buttons-config.sharethis.com/js/ 		625 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/64881bab940f820012547cd6.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-9.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9586c19cca11c7afffb900a4e40913da55cebac5f33059a766b46234a76fe9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:29 GMT
via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 19 Jul 2023 14:49:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
etag
"ec20371a25d97802ca572908302d8eef"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
625
x-amz-cf-id
lfPNiIW-ySULTs_qvonMba0J7u3O2JWeWm6JtYQZ2iGy9mZ4z1WCeA==
collect
www.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0NE7QEYY49&gtm=45je42c0v888734385za200&_p=1707930686581&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130507260.1707930688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707930688&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&en=page_view&_fv=1&_ss=1&tfd=5134
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0NE7QEYY49&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-E0V1KFEERL&gtm=45je42c0v9119039090za200&_p=1707930686581&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130507260.1707930688&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1707930688&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&en=page_view&_fv=1&_ss=1&tfd=5348
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E0V1KFEERL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
udm-r3_v2.23.3.js
bid.underdog.media/ 		490 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.23.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 13:08:32 GMT
content-encoding
gzip
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 19:41:45 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
2520177
etag
"0550b0566d3b7839b95eb11004434e2f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
163970
x-amz-cf-id
p7642Y6WARewbP9welVTMmUT0y1xBGNYyEcx6nQVT9PxE3xlLpguMw==
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:28 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 21 Feb 2024 17:11:28 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.2551514
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.2551514
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=5976599867382856814;cb=0.2551514
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=5976599867382856814;cb=0.2551514
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:29 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
an-x-request-uuid
e01d858a-e847-41c7-8472-287955c12743
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=5976599867382856814;cb=0.2551514
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlDRkIyQ0EtNjIzOC00OTdCLTgyRTktQTczMDMxQTVBNDRF&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.2551514&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D29CFB2CA-6238-497B-82E9-A73031A5A44E&us_privacy=%24%7BUS_PRIVAC...
  • https://udmserve.net/udm/fetch.pix?pmid=29CFB2CA-6238-497B-82E9-A73031A5A44E
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=29CFB2CA-6238-497B-82E9-A73031A5A44E
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:31 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=29CFB2CA-6238-497B-82E9-A73031A5A44E
date
Wed, 14 Feb 2024 17:11:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D&s=199174&C=1
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D&s=199174&C=1
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoloYohnQIKtK1oQ4DJqOndpkt2VEr0Pu%2FLgqwD306oq2MIa9eEzMGQJh8OqFeDYtG%2BeV%2Fu2ufpJCZoYJezK%2BubF2ETqDZLrhIMBmdWIQ2l1dBO2x%2FuQQPJxNV%2BjkN1dq5L%2B8FAA7vkCaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8556ee35cbe839d5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6vif5V1gpOdHSqGDifAn4eHD4G3nz8%2BVDFzXaD8WMfK0kAKMoCFIAVVkoMOdlCFXuP7x7GCPOXqF0v1Prb4oOs9Nsd1diJcZGr1SX2ZZS80tyOzk%2FELqM0X08QFoGCqaO2nZMEvhmwNDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bindx%3D&s=199174&C=1
cache-control
no-cache
cf-ray
8556ee34da5a39d5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.2551514
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.2551514&verify=true
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-RSfgsm9E2uIeXm.g0VtDmG8_w8lNb1ib~A
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-RSfgsm9E2uIeXm.g0VtDmG8_w8lNb1ib~A
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:29 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-RSfgsm9E2uIeXm.g0VtDmG8_w8lNb1ib~A
date
Wed, 14 Feb 2024 17:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ 		0
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.2551514
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LSM1U2LG-27-BO6V
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;magid=LSM1U2LG-27-BO6V
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:30 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://udmserve.net/udm/fetch.pix?dt=1;magid=LSM1U2LG-27-BO6V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
Expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=54474B5AF93641A18151A055347AB42C;cb=
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;sncr=54474B5AF93641A18151A055347AB42C;cb=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:29 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Wed, 14 Feb 2024 17:11:29 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://udmserve.net/udm/fetch.pix?dt=1;sncr=54474B5AF93641A18151A055347AB42C;cb=
access-control-allow-origin
https://aubtu.biz/
x-varnish
668589525
access-control-allow-credentials
true
content-length
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=1f54ee41-59ba-4aca-996c-b816f5ae1777
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;mgid=1f54ee41-59ba-4aca-996c-b816f5ae1777
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:29 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:29 GMT
Transfer-Encoding
chunked
Location
https://udmserve.net/udm/fetch.pix?dt=1;mgid=1f54ee41-59ba-4aca-996c-b816f5ae1777
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 15:18:26 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6783
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 14 Feb 2024 17:18:26 GMT
json
trc.taboola.com/pawsworld-aubtu/trc/3/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/pawsworld-aubtu/trc/3/json?tim=09%3A11%3A28.475&lti=deflated&data=%7B%22id%22%3A502%2C%22ii%22%3A%22%2F20-behind-the-scene-photos%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1707928820205%2C%22vi%22%3A1707930688467%2C%22cv%22%3A%2220240214-30-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw%22%2C%22vpi%22%3A%22%2F20-behind-the-scene-photos%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A27949%2C%22qs%22%3A%22%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Unit%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Unit%22%2C%22cd%22%3A27398.109375%2C%22mw%22%3A753.328125%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F20-behind-the-scene-photos%2CBelow%20Article%20Thumbnails%20Unit%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
960c6e77d21e67edf35d4089c31f5f668576440998dd13f8e02bc9609776d360

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
564
date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
via
1.1 varnish
x-datadome
protected
cpu
0.844
x-fastly-to-nlb-rtt
11925
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-yyz4535-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1707930689.519297,VS0,VS0,VE564
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://aubtu.biz
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6241 		207 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&adk=1812271804&adf=3025194257&lmt=1707930684&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=6&bdt=2553&idt=813&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5591581463296&frm=20&pv=2&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c663114080bba9f6351e06ed7c9612113c1cb37f304d3d841bb56c002ba9e73f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:29 GMT
expires
Wed, 14 Feb 2024 17:11:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1156 		101 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b7d3d5839d3c7b752a3e71aa4d50f3335015265bd64e15c80684020aac63882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39602
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:28 GMT
expires
Wed, 14 Feb 2024 17:11:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 19EE 		87 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8da0e4480f4de59c40160daf8d6dfc960f90d47e27c205214ccf8f2e7073e819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
27682
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:29 GMT
expires
Wed, 14 Feb 2024 17:11:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7BC0 		841 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=3419237118&adk=250397188&adf=3641343473&pi=t.ma~as.3419237118&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1082&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1558
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62eefdb70cb6728f0f3cd4b84920e0f835420ee91967dcb61b8350f30c4f2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:28 GMT
expires
Wed, 14 Feb 2024 17:11:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5794 		129 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5baccfd571abd5e5884066c487b815694250f555a2a8ab2b192d6acb7e85df24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42430
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:29 GMT
expires
Wed, 14 Feb 2024 17:11:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2832 		123 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b3b45491bebb5a752c2119c376e876d93ac7576d0bd913adcc24f210ad18aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42875
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:29 GMT
expires
Wed, 14 Feb 2024 17:11:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUul85Lu7ld8bvcT26yg0GXGgRqvXsvExA1qqpgswAl5KECzFr_PlW833r1gywUjGRfHVGQPfz3LP1FoCjh2Zx9Uxfp8sp3FcCQ4IahLd1d3fsZFOgHaI1j48cTnMrfm-lynyKiYg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUul85Lu7ld8bvcT26yg0GXGgRqvXsvExA1qqpgswAl5KECzFr_PlW833r1gywUjGRfHVGQPfz3LP1FoCjh2Zx9Uxfp8sp3FcCQ4IahLd1d3fsZFOgHaI1j48cTnMrfm-lynyKiYg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTMwNjg4LDc0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hdWJ0dS5iaXovMjAtYmVoaW5kLXRoZS1zY2VuZS1waG90b3MiLG51bGwsW1s4LCJvSFFCOU9lN0NVNCJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db17c6869684741a1d70cb30833b79a94d6f2c34757bb7bba6c639a073701b5f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0MHiMZGB16XbwicpCf1yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-0MHiMZGB16XbwicpCf1yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6Ogy82r2MT2PBk0TFGACpsSqA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7.js
cdn.ocmtag.com/tag/ 		279 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70cce706b0ed693542b2a2570b6eaeda2ac15037e50494a179c6de56be0bf22e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6077
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 07 Nov 2023 11:14:48 GMT
server
cloudflare
etag
W/"654a1c28-117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2Bv5RfGosq8IHwPcWONJjT8I7P45BmmKndL8aXqCwsXDizON7Ue5pdUQk9KI6sXY%2B3jhy3WsoNWCFB%2FfmfGW5fYso38PGToM3cmi80q%2F5QYFoENuapL2w29wGduxMf6GJiO4Us5BFbIuiW%2Fv0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8556ee3b1dafa211-YYZ
/
pro.ip-api.com/json/ 		113 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
c7a25587c4535482dba7e7a3a490e4edddcde435aa5a6d9d0fbf8aafa477498a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Feb 2024 17:11:29 GMT
Content-Length
113
Content-Type
application/json; charset=utf-8
/
pro.ip-api.com/json/ 		113 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
c7a25587c4535482dba7e7a3a490e4edddcde435aa5a6d9d0fbf8aafa477498a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Feb 2024 17:11:29 GMT
Content-Length
113
Content-Type
application/json; charset=utf-8
/
beacon.taboola.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=pawsworld-scpushnetwork&event=ask
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by
cache-yyz4535-YYZ
date
Wed, 14 Feb 2024 17:11:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1707930690.556418,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 00:29:44 GMT
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
319308
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301
x-amz-cf-id
Nv6ypAoIuy4ZwsNNBB7R4n2oUSDoIrDKMA5p-SLEWkCpCAAFcEouXw==
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:08:00 GMT
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
213
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
exUyg0bJZhFss1IkYYqeG5qLCbVAluHOCGWOFuM1h1quFGsqSyLZDQ==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 00:30:05 GMT
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
319288
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
910
x-amz-cf-id
ScCsyNNPlJ6GA1xKU2xhOUOKgtBq970gnZSBoFPCE5fgjsRmnzg_MQ==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:e800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 00:30:13 GMT
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
319280
etag
"2b10a062e719c64b686e2e8fcdc216dc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
771
x-amz-cf-id
Xi3HzERRGGZoz-aWTXzjwWuEcNSg0ZfzQpGzmHgNeUwNl9v-LzHxjw==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
294503
expires
60
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:54:23 GMT
via
1.1 a7253311f94fb967603a1d22f7a3c43a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
1030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
PTEKNtO8n6ZDCyj_YhU2cIKY6FPKuj74gXT0Y_5SvzI6B8yYFCWDKg==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:24:57 GMT
via
1.1 a7253311f94fb967603a1d22f7a3c43a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
2796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
yw03MGhMGagfPZCawNLR6NgQX6lKioBJQmKo2AFp4zw1YNGq5sAovg==
11778604948800383788
tpc.googlesyndication.com/simgad/ Frame 1156 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11778604948800383788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAaLVHOOPz_bastxbvDcE70OBe7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:38:56 GMT
x-content-type-options
nosniff
age
358353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13781
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 13:09:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Feb 2025 13:38:56 GMT
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=pawsworld-aubtu&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%20Unit&uuip=Feed%20-%20Below%20Article%20Thumbnails%20Unit&cisrf=&cirf=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos&encoded=1&uid=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1707930689161&tagid=&cntry=CA&platform=1&sesid=38077d24083c9851412bbb5f210898b7&itemid=/20-behind-the-scene-photos&viewid=1707930688467&geolat=&geoing=&deviceifa=&appid=&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ri=a42ca77decee03eb6c156980cd6fafa2&appname=&cdb=&gdprApplies=false&rid=&sii=-8053746515276440578&oee=true&tpubid=1405139&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=QC&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=1400276&prcnt=&layer=&normp=1&gvv=14929&gvv50=14929&gvv61=&gvv62=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c0a9ea12a31459021f547029060b7edda447d4ca0b6fdcb4621965f2e995bc1

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1135
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yyz4535-YYZ
pragma
no-cache
server
nginx
x-timer
S1707930689.213704,VS0,VE34
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
922d4da282d293c336566051f41dae7816887614c45bced7a20fd4648f0b5180

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
rSudCacb.UvqEHn_EzdFWjjTwPsR1AcC
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
0MBGAXYV3C0H7JM3
age
6412
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
xkyfaCcn4feKESopzqDkhyBLXInIOFx53hiW9LOKiR9C4n56Oanh56bt860WdbSjjST1pZuquTI=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:24:36 GMT
server
AmazonS3
x-timer
S1707930692.316258,VS0,VE0
etag
"f702c71d30bc3e724003056b0558bdb5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
97
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1883
feed-view.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-view.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e7685c9817b088508b635cc43658ba61232218764168690499825ee72f0646b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
ikx8MqIDZhZqhocmR1zDOHebaQ2s37sd
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
A79PEG5SP42TRT9B
age
6424
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6562
x-amz-id-2
Ub2aJhR0qiBqg3KP94MT990VK/k+fyCZ2NnlzdfqagcTmz+a1xwPa19OHns4HFc6h93BLyTJ2Sc=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:24:27 GMT
server
AmazonS3
x-timer
S1707930692.392538,VS0,VE0
etag
"c0b6078d6d91fa5c726541533d6551f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
648
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
Q7B3P4ZAV2Y366GK
age
67
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
fYnop51yVYrXTh+dYjlCijAkUb1qj12DuyfEXsHN+R/b7H/4m3vl37rjBaDhWcVaftKElyow4dw=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1707930692.466298,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
92
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
26
userx.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20db9f44d2c21673244ab85bf97ad1864ec6aaf63927464d3cb30960760e192e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
pn6IgA01mJgypKQdVElF9d9vsebP8ypx
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
YA4Q256H1VFF6BHT
age
6473
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5540
x-amz-id-2
emKa86ak8lJMFLCtKWfBOO47Q1LFnCpGi+q4Hgme66ewX5r6bMmOXL+4ZLpgtreujMIp7trYAjU=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:23:26 GMT
server
AmazonS3
x-timer
S1707930693.537975,VS0,VE0
etag
"11ceb14ae4e17862ed9b26bdf460dd74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
4
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
864
distance-from-article.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dac7d269de1b7c588aed44c9d137ff62b10717e1521b820e5bc4c8a089fa9879

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
Tv8JqK0LyOJqNNS15ejAZuPpUPLHnPjm
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
K9RR68XHY6ZJEP8C
age
6403
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
yQaqKFoHkbW20yGBTMlLFe3bydzKLvPBbzWrnYCitiKctpkOLNGDdIpezmO8M7MzScywJFhxk0Y=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:24:50 GMT
server
AmazonS3
x-timer
S1707930693.538853,VS0,VE0
etag
"cb7f665e2de080cb6c7c40f6df82f25c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2090
article-detection.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a040fa43a3d290f5836b4310aa18a1933fb5e4df24005a6a0741c9e9789a9756

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
8dCsJUkA4fdPAWScjhwoFVVGb56H5Ep3
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
26BN7DP21NAA6DFH
age
6382
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
NQSJGxbMDNA75J4y+/foftsBfhNACfIe0GnavzzB5Qj7r7Vs62CD+OLPWugNUhLy2AhWSjmCPJs=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:25:10 GMT
server
AmazonS3
x-timer
S1707930693.538836,VS0,VE0
etag
"f63210279e5c84015da9acbc69326d2a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2071
article-and-feed-area-scanner.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a3043143dd7e73c568e6ab46e009e2242cf9344de8689bc62131266864cd8ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
e9_fnNKm14EOST2seT78btg3Q2OZpktp
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
XKPKW3VRBHHRKWAZ
age
6376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1148
x-amz-id-2
hjjtBOE//SFoJyC75LWcyNQsdb5u/aYCLSDHKduZ4fgV8yFo5h9CB37q5gScxvPdJqsXJrtdyVI=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:25:16 GMT
server
AmazonS3
x-timer
S1707930693.539273,VS0,VE0
etag
"1fec2c8b371a4f99eba62be0fd9853bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
548
explore-more.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20733a4b7a7b865ae6f20a13bef08fb7741c618c862d9b239d56e1d3fe792c32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
mV.0KDUeNcpYcBsXT6meOO_5quUR0SaI
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:32 GMT
x-amz-request-id
0MBQ8QWKJG6XEF6J
age
6413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7617
x-amz-id-2
0TDeKlK/L/3bl+nmvzOjacxHgpfxJhwcM2YRVQyzzyCkWmYW1xPJ7Bbx9dFcgsmNWfbbOYl1u2M=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:24:40 GMT
server
AmazonS3
x-timer
S1707930693.614777,VS0,VE0
etag
"9a9f56253592bf162f2e7c52656828df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
528
abtests
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/abtests?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22rendered%22%2C%22type%22%3A%7B%22renderingHeight%22%3A3010%2C%22scrollHeight%22%3A0%7D%2C%22eventTime%22%3A1707930689182%7D&tim=09%3A11%3A29.183&id=3449&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/abtests?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1707930689187%7D&tim=09%3A11%3A29.187&id=1829&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/supply-feature?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A11%3A29.224&id=54&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 1156 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 63F0 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 16:22:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
bid.underdog.media/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bb4b640d1688934d0ace6bfa7931c5e2f72d582c63e4815964d77bb4c4c8d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:25 GMT
content-encoding
gzip
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:00:08 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
8
etag
"d32df8e1f550cbfcaf5a9b33fac1dfb6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
2266
x-amz-cf-id
YEb88q6lxeOYw9K9nU9my16ydgMPirRqJNMAHiJu4zyEGPbmWKNuyA==
rrv7.js
bid.underdog.media/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4c3d3313a78c50dc7cb741cd059d9caa9b7dcdbdee7576477b41d013417dc6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:01:45 GMT
content-encoding
gzip
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 16:00:02 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
4189
etag
"0652daeaf5140e78a559f9d26ee598ec"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
765
x-amz-cf-id
TILK96DxuXdWhHa9oeQgF9Py88muEe9n98G9317w3uPSFGAGjpxLZA==
translator
hbopenbid.pubmatic.com/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://aubtu.biz
date
Wed, 14 Feb 2024 17:11:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=707901404&lsavail=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://aubtu.biz
date
Wed, 14 Feb 2024 17:11:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		25 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ab3b15e47d62b085e3e6b2f258e8d7d124908ea733f5a0a8ec51fe5a189ccbe5

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://aubtu.biz
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
260
content-length
14272
hb
ssc.33across.com/api/v1/ 		118 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dkejSs2SCr7iekrkHcnlxd
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f6a48eaca7d5a5d7b0e32ddb97d844467720411226437af2ce253d199138dc88

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://aubtu.biz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bczu8o2SGr7ioqrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f6a48eaca7d5a5d7b0e32ddb97d844467720411226437af2ce253d199138dc88

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://aubtu.biz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		118 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bY72b-2SGr7io5rkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f6a48eaca7d5a5d7b0e32ddb97d844467720411226437af2ce253d199138dc88

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://aubtu.biz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
prebid.media.net/rtb/ 		51 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUG6HNM2
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
68472deb2f20312c692efb85b94f6de29b7ecbc5d554016fe267c4b6d20175e7

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://aubtu.biz
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:30 GMT
arj
underdogmedia-d.openx.net/w/1.0/ 		191 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1707930689573&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&us_privacy=1---&pubcid=6d5fd495-6f00-49cd-8f8d-3f14c0c7aa3c&schain=1.0%2C1!udmserve.net%2C3347%2C1%2C%2C%2C&aus=728x90%7C300x250%7C160x600%7C300x600&divids=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&aucs=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&auid=558951699%2C558951700%2C558951701%2C558951703&aumfs=60%2C60%2C60%2C60
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8c40ba50e863c43ab12a9f249119205e66a688e943b32dc8d2f07f170ebf6c76

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://aubtu.biz
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257008%3B2257020%3B2257462&size_id=2%3B15%3B9%3B10&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!udmserve.net,3347,1,,,&eid_pubcid.org=6d5fd495-6f00-49cd-8f8d-3f14c0c7aa3c%5E1&rf=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&tg_i.domain=aubtu.biz&tg_i.page=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&tg_i.pbadslot=slider-middle-728x90%3Bslider-300x250%3Bslider-160x600%3Bslider-300x600&tk_flint=pbjs_lite_v8.8.0&l_pb_bid_id=48f57e2abfdeda4%3B496d13773c35f6b%3B50c59942bbe8a62%3B512c569d09b9f9f&p_screen_res=1600x1200&rp_floor=0.06593406593406594&rp_secure=1&rp_hard_floor=0.07&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-300x250%3Bslider-160x600%3Bslider-300x600&slots=4&rand=0.24261253523974746
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1326ec9f555d7110f760f8bce30b6d0ca27ea10a1f953a727d73bffd945de7fc

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6ba83b26dede7e2161a4dae0cf9babf33acd1b29cdc12748bf2ecdaa2d3f16a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
an-x-request-uuid
3d719afd-9019-44e1-803c-bc857c533c77
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://aubtu.biz
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ortb
bid.contextweb.com/header/ 		0
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
cwdl
22/4211,22/4211,22/4211,22/4211
access-control-allow-origin
https://aubtu.biz
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cw-server
bid-deployment-75bb5f8776-252sr
social
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/social?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%2220%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%22Jessica%20Wilson%22%5D%2C%22img%22%3A%22https%3A%2F%2Faubtu.biz%2Fimages%2Fthumbnail%2Fpost%2F202309%2F762-353-1696043301-161636.webp%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A11%3A29.629&id=9653&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.632&type=usage&msg=New_CTA-event-1707930689632&llvl=2&id=7031&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1414249385161184846~~MEdY-SzAG551%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17171
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.633&type=usage&msg=New_CTA-event-1707930689633&llvl=2&id=9143&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1414249385161184846~~MEdY-SzAG551%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18303
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.641&type=usage&msg=New_CTA-event-1707930689641&llvl=2&id=7309&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-5788376255135234370~~V25FLSLWbqsr%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21389
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.642&type=usage&msg=New_CTA-event-1707930689642&llvl=2&id=1711&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-5788376255135234370~~V25FLSLWbqsr%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21389
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 19EE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
css
fonts.googleapis.com/ Frame 19EE 		9 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 16:20:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 17:11:29 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 19EE 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 08:52:56 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 19EE 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 08:56:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 19EE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
abtests
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/abtests?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1707930689683%7D&tim=09%3A11%3A29.683&id=7683&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.694&type=usage&msg=New_CTA-event-1707930689694&llvl=2&id=2426&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1414249385161184846~~qLvQPWFr-WRr%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21389
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.695&type=usage&msg=New_CTA-event-1707930689695&llvl=2&id=2361&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1414249385161184846~~qLvQPWFr-WRr%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20011
css
fonts.googleapis.com/ Frame 2832 		4 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 17:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 15:25:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 17:11:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 2832 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
29525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Feb 2024 08:59:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 2832 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 2832 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 2832 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2832 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:28:40 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 2832 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 May 2024 13:53:33 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.8/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23812654c272bc61f612225e8d7ed0fca6bb5533d4fec3887bced90f8f7e65e7

Request headers

Referer
https://aubtu.biz/
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
via
1.1 fb9ce5ade4fc6d73adc1e5a3c12522de.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YTO50-C2
age
1137489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34289
x-served-by
cache-yyz4532-YYZ
last-modified
Thu, 01 Feb 2024 12:49:05 GMT
server
AmazonS3
x-timer
S1707930693.331882,VS0,VE0
etag
"7235b2a4c1411dc253b062a6fa9266c4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
PP0hSdPeiYrx7mfy7v3qjC8WzUNwy9P2l7CrD4_zw_qmJQ0EolQKzw==
x-cache-hits
67440
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.710&type=usage&msg=New_CTA-event-1707930689710&llvl=2&id=7874&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-5788376255135234370~~1NvIYvy_eCgn%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25092
debug
ch-trc-events.taboola.com/pawsworld-aubtu/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=09%3A11%3A29.711&type=usage&msg=New_CTA-event-1707930689711&llvl=2&id=3154&cv=20240214-30-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-5788376255135234370~~1NvIYvy_eCgn%22%7D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24107
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 1156 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
2642772135270945011
tpc.googlesyndication.com/simgad/ Frame 5794 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2642772135270945011?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkMNjHyititpgijsPnysPrIei0OHA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869dbf213c53f05ca45d1c99d51bb00e6924671f01e036cd48194412e254e0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 13:00:41 GMT
x-content-type-options
nosniff
age
15048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34715
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 12:14:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Feb 2025 13:00:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 5794 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 5794 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5794 		67 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:41:13 GMT
x-content-type-options
nosniff
server
cafe
age
84616
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Wed, 14 Feb 2024 17:41:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 5794 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5794 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:28:40 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 5794 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
63921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14610
x-xss-protection
0
server
cafe
etag
17234995959194474601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:26:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 1156 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 1156 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 1156 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1156 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:28:40 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 1156 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
63921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14610
x-xss-protection
0
server
cafe
etag
17234995959194474601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:26:08 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fd1a3ee39b854a12c5831a4465763e2db54524ab2f81dbbd0933c93333cda67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57345
x-xss-protection
0
server
cafe
etag
10298881353229030457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:11:33 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9308cefd74c19c346b7e271c3f8addd5219d95d8102c80b0a9a8948c7daf165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32258
x-xss-protection
0
server
cafe
etag
3162498583148443221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:11:33 GMT
playerConfig
socket.unibots.in/website/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=aubtu.biz_1705573857815
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-206-52.ip.linodeusercontent.com
Software
/ Express
Resource Hash
58e299f72494c4f59a2d35594612a07a3e1e75a83579512773c6ef8d4a13bde0

Request headers

Accept
application/json, text/plain, */*
Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Feb 2024 17:11:30 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
4564
etag
W/"11d4-Edpp5HauSAmBaCiGMjIFn//mvSw"
content-type
application/json; charset=utf-8
playerConfig
socket.unibots.in/website/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=aubtu.biz_1705573857815
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-206-52.ip.linodeusercontent.com
Software
/ Express
Resource Hash
58e299f72494c4f59a2d35594612a07a3e1e75a83579512773c6ef8d4a13bde0

Request headers

Accept
application/json, text/plain, */*
Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Feb 2024 17:11:31 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
4564
etag
W/"11d4-Edpp5HauSAmBaCiGMjIFn//mvSw"
content-type
application/json; charset=utf-8
s
googleads.g.doubleclick.net/pagead/drt/ Frame C6A4 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 16:22:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127508270&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&ul=en-us&de=UTF-8&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=916575071&gjid=461985835&cid=130507260.1707930688&tid=UA-153122571-11&_gid=807004243.1707930690&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma=0&tcfd=10000&jsscut=1&z=609369279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127508270&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&ul=en-us&de=UTF-8&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1584010821&gjid=1284444659&cid=130507260.1707930688&tid=UA-138655475-60&_gid=807004243.1707930690&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma=0&tcfd=10000&jsscut=1&z=434737940
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127508270&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&ul=en-us&de=UTF-8&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=875968954&gjid=1605657433&cid=130507260.1707930688&tid=UA-276513175-1&_gid=807004243.1707930690&_r=1&gtm=457e42c0z89132936568za200&gcd=13l3l3l3l1&dma=0&tcfd=10000&jsscut=1&z=1491585906
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3522132213140121975/ Frame 2832 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3522132213140121975/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddf292f788bdbd0c3efa85eddf4deebf608a7de8aa307726719d068dba343bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 13 Feb 2025 14:25:37 GMT
date
Wed, 14 Feb 2024 14:25:37 GMT
x-content-type-options
nosniff
age
9953
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18654
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:40:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8578129967820296872
tpc.googlesyndication.com/simgad/ Frame 2832 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8578129967820296872?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44cf9986188524d6865217bc88d034930fbd0945db4086c251caaa0486ab8479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Wed, 12 Feb 2025 02:12:31 GMT
date
Tue, 13 Feb 2024 02:12:31 GMT
x-content-type-options
nosniff
age
140339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6322
x-xss-protection
0
last-modified
Tue, 08 Jan 2019 00:32:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfaz&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&hl=en&pvc=100930202271199
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 63F0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:30 GMT
expires
Wed, 14 Feb 2024 17:11:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity
t.ocmhood.com/v2/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4rw%2BjZvP7jrH5FqSs9PYxh1oBVdt1lcBn2aYVo5XHd8hR90CDFyTu%2FAurL%2FtunuuUDJ%2FjqC5Qg9h5tbcrGSEDWy6ssk1cNIsAQoyajia4f4k2yk6q731p3d8qcBQT%2BFvYMr2u%2FW64zhpt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
8556ee5e7cf339e9-YYZ
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3wuISCrKGPqKS4AgVQ%2BDzj9pV44aD%2FZowHAikUY%2FPfGuwFyf12vmdyplmL1k27k%2BfjCVkdyNW%2BCJ3P%2FE15KSoq3erVX5pmzP2Os9b3ODESaAIZQTZrB2Y%2B4MpPgzOYU4yQ877S8uePXAkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
8556ee5e7cf739e9-YYZ
alt-svc
h3=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		1 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-153122571-11&cid=130507260.1707930688&jid=916575071&gjid=461985835&_gid=807004243.1707930690&_u=YADAAUAAAAAAACAAI~&z=397886581
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-138655475-60&cid=130507260.1707930688&jid=1584010821&gjid=1284444659&_gid=807004243.1707930690&_u=YADAAUABAAAAACAAI~&z=775653497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2832 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ba1d3fb4f52891d8df2c65ef642cb52f2657235f6d7ac7c4b015773a4bcaebb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2832 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:48:30 GMT
x-content-type-options
nosniff
age
30180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 08:48:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2832 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:10:11 GMT
x-content-type-options
nosniff
age
28879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:10:11 GMT
/
beacon.taboola.com/ 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.taboola.com/?cat=webpush&v=1.5&src=pawsworld-scpushnetwork&event=cancel
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by
cache-yyz4535-YYZ
date
Wed, 14 Feb 2024 17:11:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1707930693.471643,VS0,VE0
access-control-allow-methods
GET, POST
content-type
x-cache
HIT
cache-control
private, no-store
access-control-allow-credentials
true
accept-ranges
bytes
retry-after
0
x-cache-hits
0
truncated
/ Frame 1156 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf0d9a345da69fe11f46ad813bf6f9c55afb752b7ca38b299d7e19ac61dfff6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5794 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b98a011e7c6eaa8735de070567d5061ece01f886e8123808f8cb5f0b6cb8ed51

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 1156
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFRc9QPTMZcXSKvndrr4Pn82zsAbs6pyidceSr_3-EbCQHxABILSOkUpg_cCUgegDoAH34pu0KMgBAqgDAcgDyQSqBOIBT9DCUYPDec0vhZjoTQV1dx-kBFiMezgIGwJPAkdxPzwMWPuQe2v...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0075a077abbc20d0000000000000000%22,%222%22:%220x1a947cfd784dddc80000000000000000%22,%223%22:%220xfe207b...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0075a077abbc20d0000000000000000%22,%222%22:%220x1a947cfd784dddc80000000000000000%22,%223%22:%220xfe207bccc3ab510d0000000000000000%22,%224%22:%220x9adedb4c2e068a880000000000000000%22,%225%22:%220x9406c8f3f084ae3b0000000000000000%22},%22debug_key%22:%228402301793153399040%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221889000143750567201%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd0075a077abbc20d0000000000000000","2":"0x1a947cfd784dddc80000000000000000","3":"0xfe207bccc3ab510d0000000000000000","4":"0x9adedb4c2e068a880000000000000000","5":"0x9406c8f3f084ae3b0000000000000000"},"debug_key":"8402301793153399040","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"1889000143750567201"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 17:11:31 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd0075a077abbc20d0000000000000000","2":"0x1a947cfd784dddc80000000000000000","3":"0xfe207bccc3ab510d0000000000000000","4":"0x9adedb4c2e068a880000000000000000","5":"0x9406c8f3f084ae3b0000000000000000"},"debug_key":"8402301793153399040","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"1889000143750567201"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 5794
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaMtbQPTMZYW6Lu6Qrr4P4ICRyAvAlMTxdZKXk_3gEdvZHhABILSOkUpg_cCUgegDoAGTrJvYKsgBAqgDAcgDyQSqBPQBT9AXpjH5xPwgPnDK02_kwsW_j-H9isotKRC0xXKT_bpQ7p7jcMK...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8d7fc66493b1905e0000000000000000%22,%222%22:%220x600bcbeeed02eb7b0000000000000000%22,%223%22:%220x8a0706...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8d7fc66493b1905e0000000000000000%22,%222%22:%220x600bcbeeed02eb7b0000000000000000%22,%223%22:%220x8a070635eaa3cd450000000000000000%22,%224%22:%220x11ba6780533ac66e0000000000000000%22,%225%22:%220x402f94bd65af5b580000000000000000%22},%22debug_key%22:%226812305011651201518%22,%22debug_reporting%22:true,%22destination%22:%22https://oppsnothot.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211459286547%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210725077397578608049%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8d7fc66493b1905e0000000000000000","2":"0x600bcbeeed02eb7b0000000000000000","3":"0x8a070635eaa3cd450000000000000000","4":"0x11ba6780533ac66e0000000000000000","5":"0x402f94bd65af5b580000000000000000"},"debug_key":"6812305011651201518","debug_reporting":true,"destination":"https://oppsnothot.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11459286547"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"10725077397578608049"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 17:11:31 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 14 Feb 2024 17:11:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8d7fc66493b1905e0000000000000000","2":"0x600bcbeeed02eb7b0000000000000000","3":"0x8a070635eaa3cd450000000000000000","4":"0x11ba6780533ac66e0000000000000000","5":"0x402f94bd65af5b580000000000000000"},"debug_key":"6812305011651201518","debug_reporting":true,"destination":"https://oppsnothot.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11459286547"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"10725077397578608049"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C6A4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:30 GMT
expires
Wed, 14 Feb 2024 17:11:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bulk
trc.taboola.com/pawsworld-aubtu/log/3/ 		0
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/pawsworld-aubtu/log/3/bulk?tvi2=10685&tvi48=-48&tvi50=14929&route=US%3ACH%3AV&lti=deflated&bulkSize=10
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
19
date
Wed, 14 Feb 2024 17:11:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
14269
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-yyz4535-YYZ
pragma
no-cache
server
nginx
x-timer
S1707930691.778098,VS0,VE19
content-type
image/gif
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0075a077abbc20d0000000000000000%22,%222%22:%220x1a947cfd784dddc80000000000000000%22,%223%22:%220xfe207bccc3ab510d0000000000000000%22,%224%22:%220x9adedb4c2e068a880000000000000000%22,%225%22:%220x9406c8f3f084ae3b0000000000000000%22},%22debug_key%22:%228402301793153399040%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221889000143750567201%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8d7fc66493b1905e0000000000000000%22,%222%22:%220x600bcbeeed02eb7b0000000000000000%22,%223%22:%220x8a070635eaa3cd450000000000000000%22,%224%22:%220x11ba6780533ac66e0000000000000000%22,%225%22:%220x402f94bd65af5b580000000000000000%22},%22debug_key%22:%226812305011651201518%22,%22debug_reporting%22:true,%22destination%22:%22https://oppsnothot.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211459286547%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210725077397578608049%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
img.fetch
udmserve.net/udm/ Frame B1CE 		0
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16619;tid=11;dt=7;p=1;rri=1707930687995_531416_166.0.205.80;mid=48186;zzz=%5B48186%2C1707930687%2C%22B0H9jbsTW440jTCE%2BkyiGA%22%5D;version=v2.23.3;cb=0.32208023081213;qqq=3.3102095336153106;session=1;style=slider;vis=visible;traffic_info=%7B%22utm_source%22%3A%22NG20%22%2C%22utm_medium%22%3A%22ngocptn%22%2C%22utm_campaign%22%3A%22JessicaWilson%22%2C%22utm_term%22%3A%22Sep%2B29%22%2C%22utm_content%22%3A%22TV%2B%26%2BMovies%22%7D;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-javascript
Date
Wed, 14 Feb 2024 17:11:33 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
/
servedby.flashtalking.com/imp/1/193398;7467377;201;js;GeniusSports;CAProspectingSportsGeniusMediaAppnexusF1SOBSPOPROOMPJUN23300x600/ Frame B1CE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/193398;7467377;201;js;GeniusSports;CAProspectingSportsGeniusMediaAppnexusF1SOBSPOPROOMPJUN23300x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=400651.7182609621
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.197.91 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-197-91.deploy.static.akamaitechnologies.com
Software
prod-xre-app6.ash11 /
Resource Hash
11c4605115c3f94c799652950f0385338c17c34fb1c1bc33f0ac447bbc458f7d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:31 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app6.ash11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
988
Expires
Wed, 14 Feb 2024 17:11:31 GMT
controller
ssl.connextra.com/servlet/ Frame B1CE
Redirect Chain
  • https://ssl.connextra.com/Betway/selector/image?client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=2107273533&apnauc=5380958795810579264&bidid=5380958795810579264&dspid=3bc1d...
  • https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=aubtu.biz&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_...
68 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=aubtu.biz&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=2107273533&apnauc=5380958795810579264&bidid=5380958795810579264&dspid=3bc1d7fd2e
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Server
23.58.225.215 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-225-215.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Wed, 14 Feb 2024 17:12:17 GMT
date
Wed, 14 Feb 2024 17:11:32 GMT
x-envoy-upstream-service-time
16
x-served-by
adserver-blue-2
server
istio-envoy
content-length
68
content-type
image/gif

Redirect headers

x-served-by
adserver-blue-4
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
server
istio-envoy
vary
*
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
location
https://ssl.connextra.com:443/servlet/controller?service=DDM_Betway_CA_Sports_Impression_Pixel_1x1&pubhost=aubtu.biz&image=image%2Fgif&client=Betway&placement=DDM_APN_Betway_CA_Sports_Impression_Pixel_1x1&_cb=2107273533&apnauc=5380958795810579264&bidid=5380958795810579264&dspid=3bc1d7fd2e
cache-control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
2
content-length
0
expires
Wed, 14 Feb 2024 17:11:31 GMT
trk.js
cdn.adnxs.com/v/s/241/ Frame B1CE 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/241/trk.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires
Thu, 13 Feb 2025 03:22:46 GMT
Date
Wed, 14 Feb 2024 17:11:33 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
49728
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27925
X-Served-By
cache-lga21980-LGA, cache-yyz4558-YYZ
Last-Modified
Wed, 14 Feb 2024 03:22:23 GMT
Server
AkamaiNetStorage
X-Timer
S1707930694.984971,VS0,VE0
ETag
"0a80c859b54b27e94d766577dcd37bc5:1707880943.060178"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
42, 29559
it
nym1-ib.adnxs.com/ Frame B1CE 		0
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Faubtu.biz%252F20-behind-the-scene-photos&e=wqT_3QLaDfBM2gYAAAMA1gAFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSKjYJCVqBIatb4T8RkD_FL8Qj1D8ZAAAAANejAkAhkD_FL8Qj1D8pCFoJJNgxAAAAgBSu1z8wltvnDTjKDECYOUgCUKyx39QBWJe0pAFgAGj1rMgBePKEBoABAYoBA1VTRJIBAQbwTJgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDM1NDg2LCAwKTt1ZignaScsIDc2MzQ2MjYsIDApBRQsZycsIDI0MTUzMTQxFSkAcwEVHDk0MTc2NTY2FRYwcicsIDQ0NjE1OTAyMAUW8IuSAqUFIVpJaFQtd2k5bDU4Y0VLeXgzOVFCR0FBZ2w3U2tBVEFCT0FCQUFFaVlPVkNXMi1jTldBQmdyZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVc0U1Y3LXFXLUVfd1FGdUVsZV9xbHZoUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSENfZEVEOVFHRVRKRV9tQUlBb0FJQ3RRSQUkAHYNCPBYd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJLU52elVRQkJnQkxUb284VG1pQXhNSWc1YmVOQkFLR0FFdHpMQUpRRElEZFc1cm8FNCxUUG5EUVFDeGdDTFEBd_BVQzZBd2xPV1UweU9qWTBNamJnQTloRmdBVFY0cVVOaUFUMzRxVU5rQVFCbUFRRXNnUUtDSmFvNHc0UTU3TEpEYm9FR2dqdENCRzRIb1hyVWJpZVB4a0EBWgUBKENDV3FPTU93UVM0FSAIOGtFBRwFARhEWUJBRHhCBQwJAVxpQVdhTXBBRnJNaGdtQVcyanFPTUFha0YJHhhBQThELXhCBbwJAQh3UVUJCQEBAE0uKAAEX1IuKAAAMhUo8ENEd1AtQUY1S2NEOEFXMW1NSUwtQVhlemxlQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFtCQEARR2MAEcdDABJHQwwdUFZS2dRamdicVF3cUEoQDRnSUFBLi6aApkBIVlCb0pEPqkCNEplMHBBRWdBQ2dBTWR2FYEET2curQEUWkEyRVZKCYcUQUE4RDlSEQwMQUFCWh0MMGh1QjZGNjFHNG5qOXAdGAB4HQwMNEFJazWI8MI4RDgu2ALBBOAC0qYH6gIsaHR0cHM6Ly9hdWJ0dS5iaXovMjAtYmVoaW5kLXRoZS1zY2VuZS1waG90b3OAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOXjsIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE2Ni4wLjIwNS44MKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI05ZTTI6NjQyNtoEAggB4AQB8ASFuCCIBQGYBQCgBf8RARQBwAUAyQWhBRwAAPA_0gUJCQkMiAAA2AUB4AUB8AXEv0j6BQQIABAAkAYAmAYAogYOMTYxMCNOAWMkNDkyNbgGAMEGAAUBKPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQisyGASgAEyaFVtdjFvIXPYREFBa0NCUUVJMTkzV0NSRDkzYVVER1BmMzNnTWdCeWdBUU9MNjVnbEk4UFdaQ2xEWVJWaTlKbn04EEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB4QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB_KEBtIHDS0GBC5AAbcI2gcGAf_wdhgA4AcA6gcCCADwB5GACIoIRwpDAAABjaiaHehKrQGD502jQOc4RQeEs_nDa20IuYsW08cKdL1QyCW4WdL4gnR__K7nn28aE1fOuTZsvodlvJfOJ0hPfxABlQgAAIA_mAgBwAjBBNIIDgiBgoSIkKDAgAEQABgA&s=ae8030d35331e4cf5513c6afd3dcbc3a13762830
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
an-x-request-uuid
66311559-9a6c-4d03-83ac-8c887e663921
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 19EE 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsm1u38l&c=2288656924436&slotId=1144328462218&qqid=CKyOgtCpq4QDFUegywEdy5cBlQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 19EE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:11:18 GMT
x-content-type-options
nosniff
age
28812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:11:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 19EE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:10:11 GMT
x-content-type-options
nosniff
age
28879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 09:10:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 19EE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CQN1yQPTMZazuK8fArr4Py6-GqAnRi-bBda6Gyq6QEozAtauuARABILSOkUpg_cCUgegDyAEFqQKth_S3-s2oPqgDAcgDmwSqBPEBT9AuztHhwOLuE8MAIU71tFHPteiqw0glmH400vJCmmRTmZFaCcRMHo75ibp20PzlFrG8XH-OJLdgEWH3tLM21bS0fLvY5KzhYq5DarBvA8ifZIp5zNvkp5ZVmtIQy4MoPW5acyuWI-6jJUyDgeQWx2foWx_UYOGvN-29Eh0w2kB6MujlBoNzmQi41dRGlJiaX-AYCro3Tfj-qK1fbQpHTTpLdhSaM1PGWtfoLkwBdVjufyic1DoggRB062EVem_AEChwUXBRt2dMOlXjtScjoOgW7ix5VrKqYG_sNRhMoeZC6qipqTLKjukeYZsfDJitVcAE76bz5dcE4AQDiAWF6JWMTpAGAaAGToAHyq6ypgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WKvXgdCpq4QDgAoBmAsByAsBgAwBqg0CQ0GwE_zQwBbQEwDYEwOIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1707930690916&ai=CQN1yQPTMZazuK8fArr4Py6-GqAnRi-bBda6Gyq6QEozAtauuARABILSOkUpg_cCUgegDyAEFqQKth_S3-s2oPqgDAcgDmwSqBPEBT9AuztHhwOLuE8MAIU71tFHPteiqw0glmH400vJCmmRTmZFaCcRMHo75ibp20PzlFrG8XH-OJLdgEWH3tLM21bS0fLvY5KzhYq5DarBvA8ifZIp5zNvkp5ZVmtIQy4MoPW5acyuWI-6jJUyDgeQWx2foWx_UYOGvN-29Eh0w2kB6MujlBoNzmQi41dRGlJiaX-AYCro3Tfj-qK1fbQpHTTpLdhSaM1PGWtfoLkwBdVjufyic1DoggRB062EVem_AEChwUXBRt2dMOlXjtScjoOgW7ix5VrKqYG_sNRhMoeZC6qipqTLKjukeYZsfDJitVcAE76bz5dcE4AQDiAWF6JWMTpAGAaAGToAHyq6ypgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WKvXgdCpq4QDgAoBmAsByAsBgAwBqg0CQ0GwE_zQwBbQEwDYEwOIFALYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 19EE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsm1u3c7&c=2288656924436&slotId=1144328462218&qqid=CKyOgtCpq4QDFUegywEdy5cBlQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1s2&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 19EE 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BKEn5TZ4q2V8hFRCOTLNBnf2mt_mXlOixyXvkKn1PpjG99dOYv3nMZbTzoZZtcHg5InxBQAz1ZawsIVDLP9XbCVlCrkw&dbm_d=AKAmf-Bq2YG7ZiUmtn-lFp0U3M7VYy8BqfELZvQC7RG9fHEjBxptZFYp8IsMAX_AyaPX6aHxf6ddCysNEwn-f1iVKrDzOohFHg9yS7-6iDHz1f6DTQM7g5n2mgNbniPDl2h2cU--TBKyhK6dXmTNXX0PoK3tfBP58PE1R6UUA2CZ_3VrmjrySj-MPn0QXIGtI_9PNckRPUc9Zk_fYMcAqax0lmsJ8RtzF2wn88b9RFYxeFYfNabGXAhjeJ3w-glGgvGaJZcdD8zIOk-lT8uTwd7S24NXPtvX0ss8IiWD-Q7nBbnFAxovj2UD37wC2Dk5Pt3yOQyyH7CPGR8tNyLpnUvRhJZ4Z3mpybad1iWAGR5Lzw5aToC9Qhq3tdRgmmoUdn8y1DsniZCOn5GRTJP9JUVwU9ByPjE4UuHnhFytpbHPg90GPo1T-7tC5QYYFdltfj_48FFdL-xTnbdn_U1UOfuvv6YTvsBKD8UChGDUU5KJvlJfj9o-vXiXCNiFvZT8IdZcU0p5fNzFLoaJMExMO3fDgfRdGPk28nbPP7r-bHx3nhkGufHRL_-2Kof6BcTFsN8AuQY0iGMRDaIsY6nllZ6md-X3KhdA1VtStyp1y33Ez06m7CFfHxuZ3NwQKi4nv19iz19N4SJpLpPMYVsOufDWiVYlvRlzo-OAvYKzt8yFX2On_LpAgOBauifLpJ1KtyNcEBojbBKeO6M4QWMgSWh2Yk6dArjadR-5M1rTBXD6BAH-PcKkih-KMgKD20id7k3Mmegb8Wpp3ZGZi_MLdM-iqj54JvQCkVmQS0103IXQcBpYaYmqmxnxSOoC7Z4zaWwkyJFLFY3YFyPVtMjCCW1VNhcaIpUAEaBvq6rik9cXMNBaVTHiFICkptTnRoedL92D8IITpTzUs-WMqMMWw9YWhU5DTlCH-3xLOwhKjZRXYlwMxA0LqOW0917hbCwDJab-rw00NKY3aFwmkXYw5MYuN3lpqyw79grlVtHEOZv3m2xr8pWGfC7Njiwl_W85SpYBKaVZwzag-MlxHpJDMxQG4mTn3Jp4lfRLyTjhDundZvXNk6nZAhTOQEo6hqM9H2_i0ZKi7_cAb70HytPCRLytJA0TWJXPklcD2QFYqgeFaWWI_klWOMLMe24wj40yF8OCYVHm-M4JXnBQ_O70Q3MEG-D6dw-6HBUfhLpYMqQzCdt6cALaBWul7Rqa2rJylv9PRfTNaDS-dsUEAbw3Hs6bD0u6-SAWF2DCuVsWDPFijhLElH04ahjwCqN9WqkupNT0vy9DFr4jzf23ofQTH4bmIG07mk7gqmDt_aEgFGNc1KvZI3rZYCxaEHkmi-sCtxihGuPvRM0k3mJYydUEZTrkHpsr5t6PbbPozBCHWLYX_w5qryNhjcPUUVgr1nJ-e51hlGQW3t8XYNzan1cs8I0xZF_2aKoMI0vmmxZlREvl16TQJD2NcPJonhmhaanMKOqXVYH9xttc7SCmFw3ZpNPyVCTs3oWbmNWnOrFZy4-6gfv65XO1YYO-T-0g9iVgWDOC7DRpdW1I1yhskN7yuafvxA6W0PyMp-Py55ZnCLITqXRFddZ7tgn_wl1XtKr72oZvmh12A9o_wDZcOBjqxPGXC4Rqf8B158T33-QfSwXZNiNJ3vEef3-p4QNuCDxh3y7MMksY93JIAQD5VlXDsu68N2Z9ngtrgvFwK4fXWDHU9nsDum2crgxUWUtnZrewWa37ddo4OB5GaTYvgcexuEGznc8Qtx5nSVpX4jpfNUz38W_QjWpYXzuWbfUPAcNqIQP8c1DoMlilMocYV4efcbwEmfLr-c_mPp2jPpxH3b_MrPtzGbFwY5UJlzYx0CpRrHmHId9LrbNj-8D6Wfpxvn1ngyYkl_vCeYD-0o3zVCMAf_jpOEDeAfMWsHc_KrFMC4gswuKQ8EUzkClgl-8KvbvGPAe-UbiCUdBN4L1HV0U1HF5P9LyIYpPPtXftoRPzIph6hVnWQKB22Frk3sAuYrovCk4XggFfmtIkdVTDLRW9hpOqT5Cl9HL5RVcjuez7QMR_DICN59UBluorYWf1vzKVyc-BG7TirBoexgAreGN0QZfokev9Q8BHACbd04mb-UktHGoLZShUQKBeSh6ytsA0Ad5DYDslyQpXlIBx2ODIiQvrJJMgi-HAhgglCfPuSE5-H-_ib1xfItmwCpUL0kbTkbnp8uj01iKos46LbRS_Xfu2IHfX7DrFCM-0joW2TkW30pbnnOgeSTcPww5Tx15YznqMT1nJOCZsSNLRNLALdLSSK6qOV3HKI5ncR6Iongqswchf7ycMa3AnQFxqL37S_eGNcl9KERd0AxDweMwZANmsMBlWpIgyD-9KD-SqXVOBQScQL3lAXMK9ZwlCFyiQyrrr_LTe4tpGJFQ9sF91MfClvKVBGIHIIZOYRYGuKyOrZyIXfjCgEPg314uhTJJ7_mZT7URGUjweZiQ3dLkCBDrHGe9ZSJMmGt7ynji2vSrPmk2OVnRHxfbz9ke4m4k_Ez8otLQcr3070XseEMEWCCv7hZaSE8m3RVCREkPcvE4eZfBf1WX5aZlNOEy1F3giYDzQAgHYtWYgDuuqhIjcXBhCet3W4cthBZUAq98A0z-TyG1tawq870z_4l2CGX2YgIabTFcsj3CSRk3IGJ4-KJW4PLPY9RTYQfUwZpygzKZU25wxuJz4a3BlhGsWufBHi4yzI5I_JjOLntBAx98uEjptRyo4Ttlq9ivh54Ri7ZoBD6tFl8aIU0Gj4R4hRvZc9XZwGi-uFhc9I1npmK0c-z8JP2fqp7EIxGGodv-k-37Smb-VHdK9ow4NXQTV7Waji6Hw4DRgmhEz6ZWlQSvi_B9b0NwggsIBHSl8PsQh5CMFTgy57t9WdytnNEdvL6ENT1lalVslOpyVZpojakk-ktDosOXIUvFJUiY2-7jHC6tGPdrVW0dTtS7sqJophbJW39AoAlQT5t6a8mMgyBv240oXoZZtVyevn9DLBvh2YWqO9_XevwQ2ZEYB5T1fwXl-iAmQGpNxripVvIRmQryQv7msZ0dv7DkOZ2rrn981dlyzKzxKSIP1JWPY67s2hUwKTJ7TEPU5nfqEpeC-iquw4q9YiECiMh7FPjIhft5HBUQhxIl6aePgFSsRrpY0lejgeMlSg0SP18hsQhDWB8fz0HbQYb_kXhaEekMBQ82Qm3dNm84jO-mt4Db4DtoqsSS023TgDoVC8tiC6uFZlH8-IW46vv4jBGeRx52d8Z9MEwzb06m5ZnWke0LRZGrbMk3pqDGcA7DE9k-EmVr_IZaUMq3CMhN8qYAjvaVWbi72ZWgeeJTxhaKJplAsV_JwUeTvUdGNpNfF-4YPrznmiRSSH8NbX0oyjA1oeiZVrIJ4aUAQ42drOtV18beQmm3JHdeUAK8tTx9DJS_oVSpsgEmhRoNUi56n0v6KOMSgB1Jl5vZ0bHRM275vINrlJI_KbAL9szqUtjpPeG4ttsM7mw3OnDwYveU3gghJi1swj60GGZqhvIUrQ1dh4mygT10h04vi7vl3qKq24fZTHzERAlOguMaZ49TMV0MOWJy_JSIah-6cm_VvS-jZKMhWpyoi8qmGjClubCtlo6pzue_GtazmH93HVnLqsPM&cid=CAQSTwAvHhf_-5qoNyQpvd_BPrQItvYTF-kA3v2rCR2TJ5isssnwU2ftrFOHX_R3v9WgS04JKyx5t1GPlr5bpkK6B7Pt7x3QhYCoeEpIYbcc30cYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
91c53f7a804716a16d131556c09efa816bb33aa8826e6255a79639d03e2f16b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17444
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
B29069693.375225519;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 2832
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_ch...
42 B
68 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Server
172.253.122.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
pragma
no-cache
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x58d1a9efebe6d1a90000000000000000","16":"0x6d12f6f85539e50f0000000000000000","17":"0x3a4708e271863e80000000000000000","18":"0x7834e687e4bb57f60000000000000000"},"debug_key":"16287397353600783459","debug_reporting":true,"destination":["https://squarespace.com","https://sqsp.net","https://debugconversiondomain1.com"],"event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["8103537"]},"priority":"0","source_event_id":"1455120866810857922"}
server
cafe
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
follow-only-when-prerender-shown
1
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 2832
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CMG4UQPTMZZDzL7Omrr4PsJGXgAnWlLzMdeDb2PXYEZyMspSPDBABILSOkUpg_cCUgegDoAHS-MviA8gBCagDAcgDywSqBOABT9ArClRXkFjsavI6J12n1z1M_xccdzq744gVE4-0tlNj1zx...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25dfdd72138177cb0000000000000000%22,%222%22:%220x9e1dc845c80576bf0000000000000000%22,%223%22:%220x543e80...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25dfdd72138177cb0000000000000000%22,%222%22:%220x9e1dc845c80576bf0000000000000000%22,%223%22:%220x543e80b7e7a15ca60000000000000000%22,%224%22:%220xf01601361c5407c70000000000000000%22,%225%22:%220x4e883c4bb06a87550000000000000000%22},%22debug_key%22:%223205323955286331500%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211773456879620491969%22}&andc=true
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x25dfdd72138177cb0000000000000000","2":"0x9e1dc845c80576bf0000000000000000","3":"0x543e80b7e7a15ca60000000000000000","4":"0xf01601361c5407c70000000000000000","5":"0x4e883c4bb06a87550000000000000000"},"debug_key":"3205323955286331500","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"11773456879620491969"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Feb 2024 17:11:31 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x25dfdd72138177cb0000000000000000","2":"0x9e1dc845c80576bf0000000000000000","3":"0x543e80b7e7a15ca60000000000000000","4":"0xf01601361c5407c70000000000000000","5":"0x4e883c4bb06a87550000000000000000"},"debug_key":"3205323955286331500","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["02-14"],"6":["true"]},"priority":"500","source_event_id":"11773456879620491969"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame A6DA 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=1914583755&adk=2343838045&adf=3406639008&pi=t.ma~as.1914583755&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1284&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=6708&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=1594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 09:03:52 GMT
truncated
/ Frame 19EE 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94b3b8a89a5a798415361b640e2bf5b8df784c3e3589a865ef31710e8d6d0314

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame E901 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=5728351046&adk=99653283&adf=1300204433&pi=t.ma~as.5728351046&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=5&bdt=2553&idt=918&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=1514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 09:03:52 GMT
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame E96F 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=7166910432&adk=103490161&adf=3925545351&pi=t.ma~as.7166910432&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=1136&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280%2C753x280%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=5491&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=1575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 09:03:52 GMT
tracking
aubtu.biz/ajax/ 		15 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aubtu.biz/ajax/tracking?post_id=161636&utm_medium=ngocptn&utm_source=NG20&t=1707930691158
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/static/js/jquery.min.js?v=20240119114420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
X-CSRF-TOKEN
eITpM5HS0ea0rmmWs0fsxJGfHBbD7mRTcWqdoiYs
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
strict-transport-security
max-age=2592000; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPTSwzkEvVPURCmfOTB5dPHIdO9qDovOtlmbD2au7y%2B0FrptGTU5%2Bq2oGE1N7qBo5JOyN9GtJpfqd6IAZ8RXeX11ibdzzYvb%2BONidLbRezm5Ol4QrAFBhig2kOAYAHv6LoksKwc8Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
8556ee440d3436a1-YYZ
alt-svc
h3=":443"; ma=86400
csi
csi.gstatic.com/ Frame 19EE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsm1u3cx&c=2288656924436&slotId=1144328462218&qqid=CKyOgtCpq4QDFUegywEdy5cBlQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 19EE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Feb 2025 13:50:03 GMT
file.mp4
r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 19EE
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6AA685BEB5F3D595C2D229533A93BB5926F4C790.77F42E59725365D494C0582F00E6A087BC736A34/key/cms1/cms_redirect/yes/mh/Ts/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nlz/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
HTTP/1.1
Server
2607:f8b0:400b:7::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:32 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4102350
Last-Modified
Thu, 25 Jan 2024 16:11:53 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 14 Feb 2024 17:11:32 GMT

Redirect headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
651
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6AA685BEB5F3D595C2D229533A93BB5926F4C790.77F42E59725365D494C0582F00E6A087BC736A34/key/cms1/cms_redirect/yes/mh/Ts/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nlz/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 19EE 		453 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4402329642115120
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Wed, 14 Feb 2024 18:01:31 GMT
mvp_parent.json
cdn.unibotscdn.com/clientdata/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/mvp_parent.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
17930c39a121263bf0bf86d5a585d444f689d7f9c952f9ac0cf7bfe7cbc6d898

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-encoding
gzip
cdn-edgestorageid
718
cdn-storageserver
SG-561
cdn-cachedat
02/06/2024 11:31:46
cdn-pullzone
873945
last-modified
Tue, 06 Feb 2024 11:24:24 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
687
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
a279e1346120d8be98d551915c8294f0
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:34 GMT
x-amz-request-id
F0ERNPAEKW73Z8P2
age
21280
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
plsZvdnyCt2i8Bpor4XZ/Hw8FQ82hV+hAUU7z72e8PcCioobdkLHvDkUimb10ggYrfGsRVEk5hI=
x-served-by
cache-yyz4535-YYZ
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1707930694.109558,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
2
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
29063
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:34 GMT
x-amz-request-id
S9J5BFAA7WPTMDGJ
age
20111
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
wWtPRy+nUtfHDp77gPzlWCF3v6EWhngazARKv0aGBw+bq/wfsPbkn4AZ0roXloZfIZagWP16wbs=
x-served-by
cache-yyz4535-YYZ
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1707930694.198615,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
21602
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240214-30-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:34 GMT
x-amz-request-id
Q89PZAPY13C01VBS
age
2654
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
WyW+sQit27+5QQaPOprDWlxQkOlwneaUZDqksoV7u0dxhY+oAngI45yJEW41JVZdfQSdWufJIXs=
x-served-by
cache-yyz4535-YYZ
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1707930694.285440,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3319
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25dfdd72138177cb0000000000000000%22,%222%22:%220x9e1dc845c80576bf0000000000000000%22,%223%22:%220x543e80b7e7a15ca60000000000000000%22,%224%22:%220xf01601361c5407c70000000000000000%22,%225%22:%220x4e883c4bb06a87550000000000000000%22},%22debug_key%22:%223205323955286331500%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2202-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211773456879620491969%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
mvp_parent.json
cdn.unibotscdn.com/clientdata/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/mvp_parent.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
17930c39a121263bf0bf86d5a585d444f689d7f9c952f9ac0cf7bfe7cbc6d898

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-encoding
gzip
cdn-edgestorageid
718
cdn-storageserver
SG-561
cdn-cachedat
02/06/2024 11:31:46
cdn-pullzone
873945
last-modified
Tue, 06 Feb 2024 11:24:24 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
687
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
951796272539e9357f12e0142e33c45a
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
_.asp
fundingchoicesmessages.google.com/f/AGSKWxXbDo3fGBdAEKCMc7acy0rqXMuSPo2Z-QslVYqqir_hg81iO--DobSYbzTi3ZF1_2C3hbdn5Qgvkx5ILvlIVwN_zS1AL1s5nEREYF9ocPdKAShIwbZYBIu4XT5o3ScDZX62Nrok9VYKaa6ZOVS_CzD3eFosZ... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXbDo3fGBdAEKCMc7acy0rqXMuSPo2Z-QslVYqqir_hg81iO--DobSYbzTi3ZF1_2C3hbdn5Qgvkx5ILvlIVwN_zS1AL1s5nEREYF9ocPdKAShIwbZYBIu4XT5o3ScDZX62Nrok9VYKaa6ZOVS_CzD3eFosZMnbG_328pektprdwUsYdw5_UuInx5UE/_.asp?coad/adsense./sponsor-box?/ads/article..nativeads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cc96f24c8f3f9ea8df7a3fac5f862530625198361789a3c97fb46e1c0e7b272
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SJpP0s179_zT16aQxG37xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-SJpP0s179_zT16aQxG37xA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6OYy82r2MT2LBn53JGADDWSn8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 05:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
40452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Feb 2024 05:57:22 GMT
AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G-Vm7VEL5pbX1bZcps-RnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-G-Vm7VEL5pbX1bZcps-RnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAcfrF5HZtAw-ETc5kBBUIYow"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://aubtu.biz
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ftUtils.js
ajs-assets.ftstatic.com/ Frame B1CE 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/193398;7467377;201;js;GeniusSports;CAProspectingSportsGeniusMediaAppnexusF1SOBSPOPROOMPJUN23300x600/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=400651.7182609621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-118.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 15:45:42 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.1), 1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
5149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26381
last-modified
Mon, 12 Feb 2024 15:44:51 GMT
server
AmazonS3
etag
W/"ced6ce1b7b99b74cc94c9fe3e5e2b4d1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=86400
x-varnish
481821813 481756017
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
12S5WS22QDNcyFr5Mf0O1gNjvDTZFQqZxmlNzYNpJyr8ITmP7gaqVA==
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1E23 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
358074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Feb 2024 13:43:37 GMT
expires
Sun, 09 Feb 2025 13:43:37 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1156 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7pTPshJSutF6hx89FkEAwmeYer25L94JY_7C7TJAZaNfQp52zyxvIlo4Eml9X79kO7yRkL3GwGLR08lDS4RCQ6n3Y4yR8jIEoTuI6Gg7meSGQRHufEfEO5beeu9tNBJF7oy6AFOGn-niuHaGaAyYNdeVfLvZoduQ&sai=AMfl-YSkLVufKVzWNjMoDiT3oth63c-P_6oxk0m8kG6C9ujmzBfwx0jwsPkd_F6NoqruH26J3RJkXr91wbE5r_brTUoe3mTHkGUFpbZIDMu-oFGNyoO4GkpoFiP2euQLZgILX7Vkzv4RWjFNKvuFj12xBA&sig=Cg0ArKJSzD6EQwrqgk6fEAE&cid=CAQSTwAvHhf_01guey_YuvCV04OGIDeFJUi7N9UlUKzw1kyWZv6iAZpFv90IN_rYR6Zmo6n7FxaP9bQ45Ztz9DzFcHkqKqOaQPDO9B1JmXuwk4wYAQ&id=lidar2&mcvt=1155&p=0,0,194,753&mtos=1155,1155,1155,1155,1155&tos=1155,0,0,0,0&v=20240213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=99653283&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=386349000&rst=1707930688615&rpt=1807&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
basic_upr.json
cdn.unibotscdn.com/clientdata/ 		30 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/basic_upr.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
d8701c8bb320cb852d02c0272620a515ec1df8fd3f7dffefa3ff5169436d9499

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-encoding
gzip
cdn-edgestorageid
871
cdn-storageserver
DE-680
cdn-cachedat
01/23/2024 05:34:13
cdn-pullzone
873945
last-modified
Fri, 22 Dec 2023 07:17:00 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
1f21d5e742af4d7f3de76acc1c81dbea
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
basic_upr.json
cdn.unibotscdn.com/clientdata/ 		30 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/basic_upr.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
d8701c8bb320cb852d02c0272620a515ec1df8fd3f7dffefa3ff5169436d9499

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:31 GMT
content-encoding
gzip
cdn-edgestorageid
871
cdn-storageserver
DE-680
cdn-cachedat
01/23/2024 05:34:13
cdn-pullzone
873945
last-modified
Fri, 22 Dec 2023 07:17:00 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
326e08be5d9afe9322fa0d7e6e53b274
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
adview
googleads.g.doubleclick.net/pagead/ Frame 19EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0ETEQPTMZazuK8fArr4Py6-GqAnRi-bBda6Gyq6QEozAtauuARABILSOkUpg_cCUgegDyAEFqQKth_S3-s2oPqgDAaoE7gFP0C7O0eHA4u4TwwAhTvW0Uc-16KrDSCWYfjTS8kKaZFOZkVoJxEwejvmJunbQ_OUWsbxcf44kt2ARYfe0szbVtLR8u9jkrOFirkNqsG8DyJ9kinnM2-SnllWa0hDLgyg9blpzK5Yj7qMlTIOB5BbHZ-hbH9Rg4a837b0SHTDaQHoy6OUGg3OZCLjV1EaUmJpf4BgKujdN-P6orV9tCkdNOkt2FJozU8Za1-guTAF1WO5_KJyMO7p0g-at87Ss3eLWmnzGtR4kohLlkr1qyGWG4pLnBWHbBXcv_Av3N2K5er419nZM8OWi8b2CMT3KwATvpvPl1wTgBAOIBYXolYxOkgULCCIQAhgBSOL_nwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB8qusqYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwoQ8OZ_GNX8wIMC0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WKvXgdCpq4QDgAoByAsBsBP80MAWyBPu-qLkA9ATANgTA4gUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NDAyMzI5NjQyMTE1MTIwGAA&sigh=QPGgqU91Jwk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_-5qoNyQpvd_BPrQItvYTF-kA3v2rCR2TJ5isssnwU2ftrFOHX_R3v9WgS04JKyx5t1GPlr5bpkK6B7Pt7x3QhYCoeEpIYbcc30cYAQ&vt=10&cbvp=2&vis=1&nis=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-4402329642115120&output=html&h=280&slotname=2297727133&adk=4215942016&adf=2329959825&pi=t.ma~as.2297727133&w=753&fwrn=4&fwrnh=100&lmt=1707930684&rafmt=1&format=753x280&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707930687097&bpp=1&bdt=2553&idt=964&shv=r20240212&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C753x280&nras=1&correlator=5591581463296&frm=20&pv=1&ga_vid=130507260.1707930688&ga_sid=1707930689&ga_hid=127508270&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=2935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31081107%2C31081143%2C44798934%2C44809003%2C95322745%2C95324580%2C95325068%2C95320870%2C95324155%2C95324160%2C21065724&oid=2&pvsid=100930202271199&tmod=1789926877&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1535
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 14 Feb 2024 17:11:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame 1E23 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 15:50:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
4841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 15:50:50 GMT
rd_log
nym1-ib.adnxs.com/ Frame B1CE 		0
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos&e=wqT_3QLKIPBMShAAAAMA1gAFAQjB6LOuBhClpomX3_zl0W8Y7viB4J-9yfhSKjYJke18PzVeyj8RtKolHeVgwj8ZAAAAQArX-z8htKolHeVgwj8pke0JJAAxARvA4XrUPzDk2ucNOMoMQL8GSCxQiuLm5QFYl7SkAWAAaPWsyAF48oQGgAEBigEDVVNEkgUG8ECYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAJICXEVBV0tBd3d4TmpFd0xqSXlOVGt4T0RhU0F3UQUUgG1BTUF1Z01TQ1JST2ljVEVTTkV4RVFxUDQ2ajZOSG13dwEc8KRWdEk3NUtsX3pqS0VXenZLZncyMmJHM9gCwQTgAtKmB-oCLGh0dHBzOi8vYXVidHUuYml6LzIwLWJlaGluZC10aGUtc2NlbmUtcGhvdG9z8gIgChxBRENIT0lDRVNfUE9TSVRJT05fQ1NTX0NMQVNTEgDyAhEKDUFERFRMX0NPTlNFTlQSAPICFgoNQURTTE9UX0hFSUdIVBIFNjAwcHjyAhUKDEEJGfDJV0lEVEgSBTE2MHB48gI7ChNBRFRFQ0hfRU5DUllQVEVEX01DEiRpbGdrTG9nc0FWNnJHM1ZmdEFrd0s0VTBkUURETE5ySW1lVT3yAhQKCUFEX1NFVF9JRBIHOTExODYyMPICEwoPQURfU0VUX05BTUVfRU5DEgDyAi4KCkFVQ1RJT05fSUQSIHFuV1U3YVp4a09xbGRwTGdvSFdXNktaeWwyZjhHYms98gJDCgtBVUNUSU9OX1VSTBI0aHR0cHMlM0ElMkYlMkZhdS1ICCUyRm5KAfBVOQoRQklEX1NUUkFURUdZX1VVSUQSJDMxZDE0OGM0LWM0ODktNGUxNC1iMDc5LTM0ZmFhOGUzOGYwYfICDQoJQlVORExFX0lEEgDyAhAKC0NBTVBBSUcFxBwBMPICHAoYQymAAWMsSU5HX0FNUEVSU0FOBTIIIAocXh8AFF9FU0MSAE5CACBTRU1JQ09MT04BH0ZCABUfEUIoFgoPQ1JFQVRJVkUx-AwDNjAwCbARGQRJRAWwCDUKDRUTKQugY2EzOGZmYTUtOTJlZi00ODViLWI3YjEtZDkzNmZjMjllZjZj8gIVCg4VOElDMAMxNjDyAhIKB0RFQUwBXyAHMTQyMDA5M_IhOBBERVZJQzE4CBIKDhUQEF9UWVBFAdkIDwoLDRUMU0hBMQESKBMKBkRPTUFJThIJdSYo8gIyCg5FTkNfQVWuPAKQGQoNRVhDSEFOR0VfTkFNRRIIYXBwbmV4dXPyAg4KCUZMSUdIVAG1IcQYCQoER0RQUgUMCBAKDAEMAF8ttgGXCBAKCwUTFFNJR05BTAUmMA8KC0dPT0dMRV9BTkkl6RwLCgdHUFBfUwkOCA4KCgUOAFRBEgFEXBcKEUhBU0hfU1BMSVRfQlVDS0VUEgI0NmFESA9JTkNSRU1FTlRBTF9QU0ESATEBpSgKSVNfUFJFVklFVwFCLBEKDExJTkVfSVRFTRG5FBoKCExPQyF-QFASDjE5Mi4xODQuNzMuMjMzhSAcTU9BVF9UQUc1dBwiChRNT0NSXy154EdST1VQSU5HEgpkZXZncnAsRFNL8gIdCgpRQ19BQ0NPVU5UEg9wLTFSWXhlUFhUOWJDUzLyAiYKDhkgcF9QMzYSFHAzNi0xNHlybWhrOWNhYndicTJl8gJGCSktuQRVUuLEAxQQCgxRQ18yiwMAGAVcTENBQ0hFQlVTVEVSEgY4NzY3NDXygX8oUUNfQ0xJQ0tVUkxxJQgXChM6FgARGggVChEuGgAEVU5tmQgzCgsRGCFxkCQ0ZGVkZjg5OC1kMzczLTRhNGUtODIyZC05YTkzM2M1ZDJjNzkluQE2iRQYEgDyAh8KGxkRUiUECCMKH2oiABGnUkgAlQwBalJIABUiEUgENwohHzrvBfTbBXRXc200aWhpZXVybHYzcXRJUzRub1c1X2JYRG9kUWJwdDQ98gIZCgdRQ19IT1NUEg5xdWFudHNlcnZlLmNvbfIC-AcKDVFDX1BJWEVMX0RBVEES5gdFQVU2RVdoMGRIQnpPaTh2WVhWaWRIVXVZbWw2V2lSRFNtWmtUMmR5YWkxRmIzQXhTWGhNVG5OaVNsQjNaamRxUWxKQ05GOXVURVpQYnoyQUFjTGctUEVPdWdFVk5UazNOalU1T1RnMk56TTRNamcxTmpneE5Eb3d3QUd3eVF6SUFjbkI2TVRhTWRvQkV6Z3dORFEwTkRBek56TXlPVEl3TmpFME56ZXdBZzdJQWdEUUFzN2hodnY0bl9mTXFRSG9Bajd5QWc4SXJKZzNFSWVuMElHa2d2SDZoQUh5QWcwSVBoQ3Y3TWFLb00taHM3UUItQUlBaWdNTU1UWXhNQzR5TWpVNU1UZzJrZ01FTVRZeE1KZ0RBS2dEQUxJREJLWUF6VkM2QXhJSkZFNkp4TVJJMFRFUkNvX2pxUG8wZWJEQ0F4SUpXMGp2a3FYX09Nb1JiTzhwX0RiWnNiZklBN1dBd0JQWUE4ZkdCZUlERDNBdE1WSlplR1ZRV0ZRNVlrTlRNdW9EQmdpZ0FSRFlCUElEQ1dnemFDVXlNREJoTWZnREFJQUVzQUtLQkFJM041SUVCekUwTWpBd09UT2FCQklKUVV1TG1abVVkX0lSOE1FRWpDLTIyS1dpQkJJSkZFNkp4TVJJMFRFUkNvX2pxUG8wZWJDcUJCSUpGRTZKeE1SSTBURVJDb19qcVBvMGViQzRCTkFGMEFRUzhnUUNRMEdBQlFHS0JTb3lNREJpTWprMU56TmxaRFUyT1RCbU5UTmpORGRsT0dVellUQTFaVGsxWVdWbFlUSm1OR05qTkRHUUJRR2FCUlVnQ3lsWFB0VnBEMVBFZm80NkJlbGE3cUwwekVHaUJTUkRTbVprVDJkeWFpMUZiM0F4U1hoTVRuTmlTbEIzWmpkcVFsSkNORjl1VEVaUGJ6MjRCUURBQmJqRWtfUUp5QVdlbUtnRTBnVUdDQUlRQlJnRTZBVUZtZ1lVQ2hJSlFVdUxtWm1VZF9JUjhNRUVqQy0yMktXZ0JnQzFCcXEtZ3ppNkJqNEtBa05CRWdKUlF4aXV6QWNpQ0cxdmJuUnlaV0ZzS2dsb00yZ2xNakF3WVRFNkcyRmpaU1V5TUdSaGRHRWxNakJqWlc1MFpYSnpKVEl3YVc1akxza0dNQmc0eWJpMDJBSFFCampZQmpqaUJqOWZabkF1WlhabGJuUXVRME1nVUdGcFpDQkRiMjUyWlhKemFXOXVMRjltY0M1bGRtVnVkQzVEUXlCVWNtbGhiQ0JEYjI1MlpYSnphVzl1TEY5dmNsX3FCaEZvZEhSd2N6b3ZMMkZrYjJKbExtTnZiUfICHAoIUUNfUFJJQ0USECR7QVVDVElPTl9QUklDRX3yAhAKB1FDX1JBTkQSBTkwOTUx8gIeChpRQ19SRVFVRVNUX1NQRUNJRklDX0ZJRUxEUxIA8gIXCg1RQ19VUkxfU0NIRU1FEgZodHRwczryApwBCg1RQ19VU0VSX0FHRU5UEooBTW96aWxsYSUyRjUuMCslMjhXaW5kb3dzK05UKzEwLjAlM0IrV2luNjQlM0IreDY0JTI5K0FwcGxlV2ViS2l0JTJGNTM3LjM2KyUyOEtIVE1MJTJDK2xpa2UrR2Vja28lMjkrQ2hyb21lJTJGMTIxLjAuNjE2Ny4xODQrU2FmYXJpJTJGNTM3LjM28gIZCg5RRk1fQUNDT1VOVF9JRBIHOTAwMDAzOfICGgoPUUZNX0NBTVBBSUdOX0lEEgc5MDQ3MDcw8gIbChBRRk1fTElORV9JVEVNX0lEEgc5MTE4NjIw8gIUChBTS0FOX0NBTVBBSUdOX0lEEgDyAhQKDlNLQU5fU09VUkNFX0lEEgIwMPICFgoJU1VCRE9NQUlOEi5NCcgXCglUSU1FU1RBTVASCjE3MDc5MzA2ODnyAhcKB1VTRVJfSVASDDE2Ni4wLjIwNS44MPIOzQgAVQ6LCBBJVkFDWcFoMBAKDFZBU1RfVkVSU0kWpgowEgoOVklERU9fRFVSQQ6sDAEo8FIOCgdaSVBDT0RFEgNIM0iAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOXjsIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE2NhWXoKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEEioOWIgFAZgFAKAFt4qcsfDyyrorwAUAyQUABQEU8D_SBQkJBQu4AAAA2AUB4AUB8AUF-gUECAAQAJAGAJgGAKIGDjE2MTAjTllNMjo0OTI1uAYAwQYBMDQAAPA_0AbwwgLaBhYKEAkSGQHwXhAAGADgBgHyBo8BCL3WVhKIAW14Y0paMkVBQUFBREFBa0NCUUVJa2JmZkNCRGctdFlDR09QWXdnTWdCeWdBT2dVSXdlQ1dEa0RLdzk0SVNPVEgzZ2hRMkVWWXZTWnhBAUYFARRCNEFJRUIFCwUBTENJQVFDUUFRQ2FBUUlJQUtnQkFMLiAAdEEugAcBiAcAoAcBugcIKgQxLS0tQAHIB_KEBtIHDS0NBBRAAb8I2gcGIQjwbhgA4AcA6gcCCADwB5GACIoIRwpDAAABjaiaHehvo5fl8uJTJXOhF_0oDi3HPCvVNdKcnG5RFoy4B1YKlAkNJ8nAU7JvFEYfNlWL0Zr3v_ElS8LyiptvrBABlQgAAIA_mAgBwAjBBNIIBggAEAAYAA..&s=9c63eeac836e2b65bcdc45feaffe5ade3dea1a3a&bdref=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&bdtop=true&bdifs=1&bstk=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw,https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:32 GMT
an-x-request-uuid
ee2186a3-1506-447c-8fc4-6a048d3c43c4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-91.phl50.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 02:21:00 GMT
content-encoding
gzip
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
PHL50-C1
age
16889890
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
iad1::lmh6p-1697509260854-418392fcde5f
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
cRS2rw3fCoV41QT3mLEaqPbBgHhyVvZCylp616bg7vASAybb-UpKJQ==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		502 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-encoding
br
cdn-edgestorageid
1070
cdn-storageserver
SG-516
cdn-cachedat
02/03/2024 22:23:00
cdn-pullzone
873945
last-modified
Tue, 21 Nov 2023 11:19:51 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
631
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"655c9257-7d8ab"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
ea8c18902cf080e3c3b2d2bc20fa7b75
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4346718.json
agen-assets.ftstatic.com/display/7467377/ Frame B1CE 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/7467377/4346718.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-58.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
961b4ecddf097e8aafabb2e61ed2d652cbbd5eafb4b92f2e4e68e493ef71fad3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.1), 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Mon, 22 Jan 2024 16:51:58 GMT
server
AmazonS3
etag
W/"ae926001375acec76bb0840cbbd71918"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
272070379
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
au6sxj6VOMbD6Wph_sKZXDfNwiRlBDQRRkW7eQ4AwGv3Y3GC4DSu9w==
B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375225519;dc_pre=CK24xNGpq4QDFQAOaAgd1pAP2w;dc_trk_aid=565710233;dc_trk_cid=197563682;ord=2822020881;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Feb 2024 17:11:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E23 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOoyPQ_TMZfp825yg_A_m94OgBQAAAAA4AeAEAg&bg=!4uGl4a7NAAaxkZ3akZE7ADQBe5WfODiHL4kEh2bgyFwRlXV7qLPBNGAycCEmDr1qTA1bNTYcmAOFSy_2sH9CLfxwqwgCAgAAAKZSAAAAB2gBB5kC2WIKSJyBO7ot9vfGyHFHC9_bGRv3hQnKU4Dc41iMoiVljjEElVmpVc9ECKq_h3L61moIWYT5n9bVJ0YgKVay5Ksl93bdv5FgrlbExbmeohdpi7mtYlFJEfTCWV3oBGBnaU46mu88nvq12jrHMLjBCN0ikd3hikVixgDRM3mnAnIpdFKRYDizPkRH1Rhqpc2KL4z-zNwTCRCcm5169GnQNESU2TDuw4GxhjM5-dy5rxfzGsGGBEUDDHNX491hgfo1nJq9VXJUFCOR6lAjXu_Ezk2gNwSW3itkZEj4uBjWi6TtzXWd0gGXhcLUPWuPII_cG-aUW5wlzBjQTnK5I15BYBMcrbSWaXoQRsEdETFYd1OfAjeJZ4Ob9wpQTsbkY155C1eF70rV_aGAPQqbs-IGNrc_SvItQ1NF_uoVONVwGMsJ4oDe5OAZMxGP5oXLh5mu9nLTIuHaxN1_iVir1PPEASNsNVKcLthsoj8yD2f26kOAwMrQO-uJwB2xHA4r3BkT1btJGbQPQtykINh8XhLnFX9DA6eudIU5huPI-coPSx8l0qqZIVoTZJKYpmCWXu_WNRKt2yTDXWoLX74gpzavIKTaiOo8dzZdtZBhpTT6JQCNNl178OxibGF9IDy2lNFrUwjqGFv5MiXt9YdoyDL_XZ9jwxfgX3mtFWHkL6zafa0eqiX5TvB3AiXNUnMwgk2GaWjTb-9w5rPNeP_sUEXBscKHs8T717I3jsRG5OJGELmB62K-9ZDsegTS-e5Hu7nNoerRh2x5JJh9-E7Dhqg9agvZWUPyR3xK6kiHo6gpaaxOelj4JbQRFGkr1Jfw-CqiR4iylM3cPxP16vTSb_2ISI8nbuhHQmAJvYNFdMhuLbyvmPTyX3d1WvQ2vkyI8CvPyKcY3Z7aW8N5F5bcw6HC1XuVf9JxKz7G2pHoNw-KnMxL6tTxb8Q9MU_LsM5-nOyjcXItbBCpF2426Q
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 19EE 		259 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-tt1e7nlz.c.2mdn.net/videoplayback/id/b6125943be1ed8b4/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3850647413/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6AA685BEB5F3D595C2D229533A93BB5926F4C790.77F42E59725365D494C0582F00E6A087BC736A34/key/cms1/cms_redirect/yes/mh/Ts/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nlz/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400b:7::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 14 Feb 2024 17:11:32 GMT
date
Wed, 14 Feb 2024 17:11:32 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4102349/4102350
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4102350
last-modified
Thu, 25 Jan 2024 16:11:53 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
d9core
d9.flashtalking.com/ Frame B1CE 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.160.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-160-120.compute-1.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
104e0c0ae702e5f793ca14f311ea4ca6045f54e4e341fc8057877e1f4ec6ae0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag
5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
d9.flashtalking.com
content-type
application/javascript;charset=utf-8
cache-control
private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials
true
iframe
c.bannerflow.net/scripts/ Frame 8B76 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da5e0a4637e412b237d8a941f6800b3748cbdc969402c1cac8d3174e43d597e

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cf-cache-status
MISS
cf-ray
8556ee4f1f913a08-YYZ
content-encoding
br
content-md5
pRIJ2/N21dbBjDWXiJP+cQ==
content-type
text/html
date
Wed, 14 Feb 2024 17:11:33 GMT
last-modified
Wed, 29 Mar 2023 06:31:05 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
71ba2a4c-d01e-003c-6a68-5ffc14000000
x-ms-version
2011-08-18
score.min.js
js.ad-score.com/ Frame B1CE 		512 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:3400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ab8fb747eac860bea762e211ee09a0c842e90b20ac38a3f32c2384404eefc550

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:58 GMT
Content-Encoding
br
Via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL51-P1
Age
73896
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 13 Feb 2024 20:39:58 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
3ML73e0ZOr-Y7qYTyFySp0zyF7nxZEzdavim5c-B-s3IB0o06HH5Fw==
Expires
Wed, 14 Feb 2024 20:39:58 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame B1CE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
413862034 236107414
Content-Type
application/javascript
Cache-Control
max-age=50755
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Thu, 15 Feb 2024 07:17:29 GMT
iconc.png
cdn.flashtalking.com/oba/icon/ Frame B1CE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:32 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
108102152
Content-Type
image/png
Cache-Control
max-age=531000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Tue, 20 Feb 2024 20:41:32 GMT
supply-feature
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/supply-feature?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2221755.40625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A11%3A32.614&id=5346&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
spa-detector.20240214-30-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240214-30-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
644f6a23096041fbc24d6e80f10c23757f7a4d10d91c82ef164f4f61f2b55199

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
6m7p2KgIbHr_8TzrLBIlVNNGVj5pah5X
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Feb 2024 17:11:34 GMT
x-amz-request-id
8PB2254B6XTYKZMT
age
6455
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
pTPeG669hM7FjdArCHqV717/yjMcQNx5d8/Y1cxdaenCliRqjiukVi70STt5kA/LnaABa/QyqwU=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 14 Feb 2024 15:23:59 GMT
server
AmazonS3
x-timer
S1707930695.704292,VS0,VE0
etag
"1d32b9af6d14fa53040a054765752dca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
556
supply-feature
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/supply-feature?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A11%3A32.654&id=6815&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/abtests?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1707930692655%7D&tim=09%3A11%3A32.656&id=7348&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/supply-feature?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A11%3A32.658&id=5999&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/pawsworld-aubtu/log/3/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/pawsworld-aubtu/log/3/abtests?route=US:CH:V&tvi2=10685&tvi48=-48&tvi50=14929&lti=deflated&ri=a42ca77decee03eb6c156980cd6fafa2&sd=v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB&ui=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&pi=/20-behind-the-scene-photos&wi=-8053746515276440578&pt=text&vi=1707930688467&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1707930692662%7D&tim=09%3A11%3A32.662&id=5055&llvl=2&cv=20240214-30-RELEASE&
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
activity
t.ocmhood.com/v2/ 		0
437 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mCFLKT0Ay83tJd9r9hhnBosV5VBUaN4DWSgY30rLzM26%2FZ2PED6avFIs4UQmtp7M6rOCaT4%2FYHL5SaDs%2BCy6OLgnMIdQuJRsdlw5i6j9UzPbWoyESD4FbAE%2BF4JP%2BZjMjBUb94mZaQLqZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
8556ee5e7cf839e9-YYZ
alt-svc
h3=":443"; ma=86400
pixel;r=1172175314;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26...
pixel.quantserve.com/ 		35 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1172175314;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw;uht=2;fpan=1;fpa=P0-1473472514-1707930688965;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;ref=;d=aubtu.biz;dst=1;et=1707930692898;tzo=480;ogl=locale.en_US%2Ctype.article%2Csite_name.AUBTU%252EBIZ%2Ctitle.20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies%2Cdescription.20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies%2Curl.https%3A%2F%2Faubtu%252Ebiz%2F20-behind-the-scene-photos%2Cimage.https%3A%2F%2Faubtu%252Ebiz%2Fimages%2Fthumbnail%2Fpost%2F202309%2F762-353-1696043301-161636%252Ewebp%2Cimage%3Awidth.1200%2Cimage%3Aheight.630;ses=b6b9e1fc-0810-4237-b83e-e1bfd3bc326c;mdl=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1630376337;labels=edge.1%2Csid.16619;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilso...
pixel.quantserve.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1630376337;labels=edge.1%2Csid.16619;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw;uht=2;fpan=1;fpa=P0-1473472514-1707930688965;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;ref=;d=aubtu.biz;dst=1;et=1707930692901;tzo=480;ogl=locale.en_US%2Ctype.article%2Csite_name.AUBTU%252EBIZ%2Ctitle.20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies%2Cdescription.20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies%2Curl.https%3A%2F%2Faubtu%252Ebiz%2F20-behind-the-scene-photos%2Cimage.https%3A%2F%2Faubtu%252Ebiz%2Fimages%2Fthumbnail%2Fpost%2F202309%2F762-353-1696043301-161636%252Ewebp%2Cimage%3Awidth.1200%2Cimage%3Aheight.630;ses=b6b9e1fc-0810-4237-b83e-e1bfd3bc326c;mdl=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:34 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["edge.1"],"pcode":["p-effSsmMYCbAck"]},{"label":["sid.16619"],"pcode":["p-effSsmMYCbAck"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
csi
csi.gstatic.com/ Frame 19EE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsm1u3j9&c=2288656924436&slotId=1144328462218&qqid=CKyOgtCpq4QDFUegywEdy5cBlQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1984&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1yo~atrd.1yw&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_me...
  • https://l.sharethis.com/sc?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_mediu...
160 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&cms=unknown&publisher=64881bab940f820012547cd6&sop=true&version=st_sop.js&lang=en&description=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&ua=&ua_mobile=false&ua_full_version_list=&uuid=c6c960f2-3fd6-4f65-9a3f-b765c29b2bb8&samesite=None
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.134.24.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-24-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
72062a13f7c3b81d15253bd33ffcc6b61090372cc405e621adc7458613cec7f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://aubtu.biz
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
Access-Control-Allow-Headers
*
Content-Length
160
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Wed, 14 Feb 2024 17:11:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://aubtu.biz
Location
/sc?event=pview&hostname=aubtu.biz&location=%2F20-behind-the-scene-photos&product=sop&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&cms=unknown&publisher=64881bab940f820012547cd6&sop=true&version=st_sop.js&lang=en&description=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&ua=&ua_mobile=false&ua_full_version_list=&uuid=c6c960f2-3fd6-4f65-9a3f-b765c29b2bb8&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
Access-Control-Allow-Headers
*
Content-Length
915
X-Robots-Tag
noindex, nofollow
6470764df5206dda457c5f26
c.bannerflow.net/a/ Frame 8B76 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b7a6646c21d2ead8c6d66a8236173109136b24e329650cbefdc6a26539c4ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Feb 2024 17:11:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
8556ee509a4b3a08-YYZ
widget.c7fa5d3f03f9f08f46e0.js
c.bannerflow.net/scripts/ Frame 8B76 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.c7fa5d3f03f9f08f46e0.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf15565e7d95f4703c19d855d0b8c38e78a90cee6a8a26377432682ef1b5eab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
cjOEutvUZPIwTW4rmspOJg==
age
6518003
cf-polished
origSize=22943
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 24 May 2023 12:15:11 GMT
server
cloudflare
etag
W/"0x8DB5C508580C41B"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dfb024e8-401e-0011-0a20-244f67000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8556ee521d5c3a08-YYZ
feed.5690094ed3594c2fe977.js
c.bannerflow.net/scripts/ Frame 8B76 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/feed.5690094ed3594c2fe977.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9657dc7a04f3ead67af9ef8277314e52acdcc932fb655b485d0d77aafb603853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
dpw8CC5FTOQbDwGrcTeEgw==
age
6668925
cf-polished
origSize=5238
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 24 May 2023 12:15:10 GMT
server
cloudflare
etag
W/"0x8DB5C5085752C67"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf5efbc3-d01e-004e-7fc1-22fb5b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8556ee522d6a3a08-YYZ
document.000000242B2196.js
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/4943820/6394618/ Frame 8B76 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/4943820/6394618/document.000000242B2196.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a809a030c337778e2a789c66dd7d1b08419dd344f7944912c215a16163e10a0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
s9ZFfee0C8LAgRXI/c5feA==
age
3048808
cf-polished
origSize=106025
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 26 May 2023 09:05:28 GMT
server
cloudflare
etag
W/"0x8DB5DC859CAC934"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
52cc7687-b01e-0015-7eae-43c260000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8556ee522d6f3a08-YYZ
animated-creative.612e08f80e9d2d7b247c.js
c.bannerflow.net/scripts/ Frame 8B76 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.612e08f80e9d2d7b247c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b7acfc26504574f0efa509579d54ada9833a8d934da4545d1a8cd1640f463a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
+ZjnsWdDOQeJ6aEPi2Pe0A==
age
6517580
cf-polished
origSize=154465
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 24 May 2023 12:15:10 GMT
server
cloudflare
etag
W/"0x8DB5C50856F8788"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8270a58d-301e-0056-0c21-24243c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8556ee522d713a08-YYZ
4943820
c.bannerflow.net/tr/blocked/6470764df5206dda457c5f26/ Frame 8B76 		0
91 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/blocked/6470764df5206dda457c5f26/4943820
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8556ee52de9b3a08-YYZ
content-length
0
request-context
appId=cid-v1:1fcf03fc-fba3-4651-852f-a11a7fdec64e
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame B1CE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:33 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
977502517 975897158
Content-Type
image/png
Cache-Control
max-age=294
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Wed, 14 Feb 2024 17:16:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/ Frame CBCF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
21911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 11:06:22 GMT
etag
3890843268177463596
expires
Wed, 28 Feb 2024 11:06:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 14 Feb 2024 17:11:34 GMT
via
1.1 varnish
x-amz-request-id
C4YX393BV63BMCS9
age
5641
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
hJZ9rVKYX0/8YTS367+n1JLWaWxjxwlUGV9luK6w6nrhJtmZXbtiGq/h5BjCJKdhOOZFYFppGpg=
x-served-by
cache-yyz4535-YYZ
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1707930695.925520,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
93
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1035
st
imprnjmp.taboola.com/ Frame 1DD0 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66531085&crid=6425865&dast=V9HfwCABYDAJ71P5xAlUolBACe9T-cQJVKJQUAAAAABgYA9AcAJDbzzJbL0Wyt8Y2Ma9Fm5HBLjCvTWmJZuCwLl2e0GU2GAECSs91qsFsu1xKLx-MWrUwbt8Q0ca0lw5FtsJyNPMORxwoAJMZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmz0FVd5reAMCCptPhc93rFa6L6XWXOK1_yWAtcRmddpNbdHS5NR-X3eUWHP2mv-cOAAAAAAAPAABiDQkQAD-AAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAAAKtFUaAAAmGwAC0SEHAEL77abLy2H2BwAAwEMECAAAgAAGCQDAAflwCQCAy0j-CQAAAAAAAAAAAAvA____fwzAwP1LgwzAQH9-cw8AwIMPAMADEQAAAMFbEQAjAAAAAABTgGaoI4BJAJ0AUAFYVAEAABCkWwEAXAEAAAQ0omp6LIcBAAAABIwBLNDD4vebHXaN3-0yAAAAAAAAAAAAM4D_M4B_NAChmvrhNADhSRR7NYBfQACANYBfQAAANgB1AwAAeAMIgAMIOgCCVgwGqwMIiNkBAAAAANwB_P___-sBgMxwsNuNLKPBcLNxDleL0WIysVhcM8tiMFwOJ77tASxL20GtGVwX9QGYCMvs9x0UlNPTY3YZREXX22J3OM2eg6ruNB3EBw3DcjII5gcwYYvRajLZLIez5WIyGI6Go9H-AAZishggwEQMlsvJZDHZrUar0Wa4G80GCwQQiMEEAShaNJisRqPJYjJcjSar2XKx220QgKJVq9loMxiuZpPZbrcaDobL0QgBJmwxWk0mm-VwtlxMBsPRcDQaIgBMeHwjx8rkXAt2w8FaNJjs1sKZceJWmCbLlW-xWjg2hrXo9TF9PLbdcmPYIoBgQM1eBBfpRPDwfX5_y9nkVrguptdFLNGcLNKJ7LLvDAe73cgyGgw3G-dwtRgtJhOLxTWzLAbD5XDi2zc8vpFjZXKuBbvhYC0aTHZr4cw4cStMk-XKt1gtHBvDWvT6mD4e2265Mewbu8FuuRnMhsN9YzfYLTeD2XC479AZvqvP2SisZbQenc-ZrUkNN6dB4TJYvCvVaaUtSA7a7FXkdGlmyqLO6Pf7_X6_3-_3-_0GredgNih858lu9Zl5Db7ndmYQGxSKWCI4XaQT0ct4uoglkqdFOlGYJhuHbzdyeVwuw2ZlsW0cq9lyONiYbDOHzWGZiCVK00U60UsGa4nL6LSb3KKjy635uOwut-DoN_09F_UfARhiNpsL5pLBai4crBIAAAAAAAAAAMASACaATICbAAAAAACcAAa12G0Wq-UCAFTATesC_Fh3hKUC3VnuAkDuYN0UoG_5HwM8wMP3-f0tZ5Nb4bqYXlcGAKjoomYG2AzgGYAg1mq1rAEAAAAEsAEAAAACuAF0A_AGEIgOxQEAAAAExgEAAAAAyAHsAwA1wY5eK_TE8QMUxGg5We4fAECAQqzVavl8sVarJRDw____TxAAAAAAAACgEwU!&cmcv=&pix=undefined&cb=1707930693672&uv=3378&tms=1707930693672&abt=adxsub-out_vA!adxsub-out_vB!dd_vA!esv_vA!rbcatc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=6f369946-c7d8-43da-b8e4-b2ae2ae34342&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54913be8026053208de0892dad4b1074e037df14febbb277c929eb907f52e4cc

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 14 Feb 2024 17:11:33 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4535-YYZ
x-timer
S1707930694.716354,VS0,VE26
sync
us-match.taboola.com/ Frame 83BC 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V9HfwCABYDAJ71P5xAlUolBACe9T-cQJVKJQUAAAAABgYA9AcAJDbzzJbL0Wyt8Y2Ma9Fm5HBLjCvTWmJZuCwLl2e0GU2GAECSs91qsFsu1xKLx-MWrUwbt8Q0ca0lw5FtsJyNPMORxwoAJMZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmz0FVd5reAMCCptPhc93rFa6L6XWXOK1_yWAtcRmddpNbdHS5NR-X3eUWHP2mv-cOAAAAAAAPAABiDQkQAD-AAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAAAKtFUaAAAmGwAC0SEHAEL77abLy2H2BwAAwEMECAAAgAAGCQDAAflwCQCAy0j-CQAAAAAAAAAAAAvA____fwzAwP1LgwzAQH9-cw8AwIMPAMADEQAAAMFbEQAjAAAAAABTgGaoI4BJAJ0AUAFYVAEAABCkWwEAXAEAAAQ0omp6LIcBAAAABIwBLNDD4vebHXaN3-0yAAAAAAAAAAAAM4D_M4B_NAChmvrhNADhSRR7NYBfQACANYBfQAAANgB1AwAAeAMIgAMIOgCCVgwGqwMIiNkBAAAAANwB_P___-sBgMxwsNuNLKPBcLNxDleL0WIysVhcM8tiMFwOJ77tASxL20GtGVwX9QGYCMvs9x0UlNPTY3YZREXX22J3OM2eg6ruNB3EBw3DcjII5gcwYYvRajLZLIez5WIyGI6Go9H-AAZishggwEQMlsvJZDHZrUar0Wa4G80GCwQQiMEEAShaNJisRqPJYjJcjSar2XKx220QgKJVq9loMxiuZpPZbrcaDobL0QgBJmwxWk0mm-VwtlxMBsPRcDQaIgBMeHwjx8rkXAt2w8FaNJjs1sKZceJWmCbLlW-xWjg2hrXo9TF9PLbdcmPYIoBgQM1eBBfpRPDwfX5_y9nkVrguptdFLNGcLNKJ7LLvDAe73cgyGgw3G-dwtRgtJhOLxTWzLAbD5XDi2zc8vpFjZXKuBbvhYC0aTHZr4cw4cStMk-XKt1gtHBvDWvT6mD4e2265Mewbu8FuuRnMhsN9YzfYLTeD2XC479AZvqvP2SisZbQenc-ZrUkNN6dB4TJYvCvVaaUtSA7a7FXkdGlmyqLO6Pf7_X6_3-_3-_0GredgNih858lu9Zl5Db7ndmYQGxSKWCI4XaQT0ct4uoglkqdFOlGYJhuHbzdyeVwuw2ZlsW0cq9lyONiYbDOHzWGZiCVK00U60UsGa4nL6LSb3KKjy635uOwut-DoN_09F_UfARhiNpsL5pLBai4crBIAAAAAAAAAAMASACaATICbAAAAAACcAAa12G0Wq-UCAFTATesC_Fh3hKUC3VnuAkDuYN0UoG_5HwM8wMP3-f0tZ5Nb4bqYXlcGAKjoomYG2AzgGYAg1mq1rAEAAAAEsAEAAAACuAF0A_AGEIgOxQEAAAAExgEAAAAAyAHsAwA1wY5eK_TE8QMUxGg5We4fAECAQqzVavl8sVarJRDw____TxAAAAAAAACgEwU!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
7d760d29fb558ccc5bc965a3a7cfee2b0634d2d7f5f286e20a7b19ed48fbfef6

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 14 Feb 2024 17:11:34 GMT
machineid
3109
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66531085&crid=6425865&dast=V9HfwCABYDAJ71P5xAlUolBACe9T-cQJVKJQUAAAAABgYA9AcAJDbzzJbL0Wyt8Y2Ma9Fm5HBLjCvTWmJZuCwLl2e0GU2GAECSs91qsFsu1xKLx-MWrUwbt8Q0ca0lw5FtsJyNPMORxwoAJMZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmz0FVd5reAMCCptPhc93rFa6L6XWXOK1_yWAtcRmddpNbdHS5NR-X3eUWHP2mv-cOAAAAAAAPAABiDQkQAD-AAAARAAAAAAASAAAAAAAUAAEVAP8WAAIXAAAAAAAYAAAKtFUaAAAmGwAC0SEHAEL77abLy2H2BwAAwEMECAAAgAAGCQDAAflwCQCAy0j-CQAAAAAAAAAAAAvA____fwzAwP1LgwzAQH9-cw8AwIMPAMADEQAAAMFbEQAjAAAAAABTgGaoI4BJAJ0AUAFYVAEAABCkWwEAXAEAAAQ0omp6LIcBAAAABIwBLNDD4vebHXaN3-0yAAAAAAAAAAAAM4D_M4B_NAChmvrhNADhSRR7NYBfQACANYBfQAAANgB1AwAAeAMIgAMIOgCCVgwGqwMIiNkBAAAAANwB_P___-sBgMxwsNuNLKPBcLNxDleL0WIysVhcM8tiMFwOJ77tASxL20GtGVwX9QGYCMvs9x0UlNPTY3YZREXX22J3OM2eg6ruNB3EBw3DcjII5gcwYYvRajLZLIez5WIyGI6Go9H-AAZishggwEQMlsvJZDHZrUar0Wa4G80GCwQQiMEEAShaNJisRqPJYjJcjSar2XKx220QgKJVq9loMxiuZpPZbrcaDobL0QgBJmwxWk0mm-VwtlxMBsPRcDQaIgBMeHwjx8rkXAt2w8FaNJjs1sKZceJWmCbLlW-xWjg2hrXo9TF9PLbdcmPYIoBgQM1eBBfpRPDwfX5_y9nkVrguptdFLNGcLNKJ7LLvDAe73cgyGgw3G-dwtRgtJhOLxTWzLAbD5XDi2zc8vpFjZXKuBbvhYC0aTHZr4cw4cStMk-XKt1gtHBvDWvT6mD4e2265Mewbu8FuuRnMhsN9YzfYLTeD2XC479AZvqvP2SisZbQenc-ZrUkNN6dB4TJYvCvVaaUtSA7a7FXkdGlmyqLO6Pf7_X6_3-_3-_0GredgNih858lu9Zl5Db7ndmYQGxSKWCI4XaQT0ct4uoglkqdFOlGYJhuHbzdyeVwuw2ZlsW0cq9lyONiYbDOHzWGZiCVK00U60UsGa4nL6LSb3KKjy635uOwut-DoN_09F_UfARhiNpsL5pLBai4crBIAAAAAAAAAAMASACaATICbAAAAAACcAAa12G0Wq-UCAFTATesC_Fh3hKUC3VnuAkDuYN0UoG_5HwM8wMP3-f0tZ5Nb4bqYXlcGAKjoomYG2AzgGYAg1mq1rAEAAAAEsAEAAAACuAF0A_AGEIgOxQEAAAAExgEAAAAAyAHsAwA1wY5eK_TE8QMUxGg5We4fAECAQqzVavl8sVarJRDw____TxAAAAAAAACgEwU!&cmcv=&pix=31589837&cb=1707930693671&uv=3378&tms=1707930693671&abt=adxsub-out_vA!adxsub-out_vB!dd_vA!esv_vA!rbcatc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1707930683017.1!ts:1707930693671&mntl=1
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
content-length
0
server
nginx
css2
fonts.googleapis.com/ Frame CBCF 		5 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 15:28:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 17:11:33 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBCF 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 15:42:24 GMT
x-content-type-options
nosniff
age
5349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Feb 2025 15:42:24 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBCF 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:38:19 GMT
x-content-type-options
nosniff
age
1994
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Feb 2025 16:38:19 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/ Frame CBCF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
63897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6491
x-xss-protection
0
server
cafe
etag
466061988171370325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:26:36 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/ Frame CBCF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:41:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
6041988417631582345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 17:41:21 GMT
truncated
/ Frame 8B76 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/webp
1fad0b0f-8fbc-4b7f-8198-68dc5191e099
https://c.bannerflow.net/ Frame 18DD 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://c.bannerflow.net/1fad0b0f-8fbc-4b7f-8198-68dc5191e099
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.612e08f80e9d2d7b247c.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
668
Content-Type
60d0815c37670160b4539414.json
c.bannerflow.net/sfeeds/581701278d987c10bca61aed/ Frame 8B76 		22 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/sfeeds/581701278d987c10bca61aed/60d0815c37670160b4539414.json
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.5690094ed3594c2fe977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a66f998616744d49369711c67a0567aeafc62d9f0edac92d2ba2a42141be6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 17:05:38 GMT
server
cloudflare
age
355
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray
8556ee5449143a08-YYZ
request-context
appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
t.dhj
t.sharethis.com/1/k/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=aubtu.biz&rnd=1707930693809
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.81 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa4fef16a9b433ca0fb15659d1a9cbb0070a13a9cb2983852fd9c5e5e6e4c9b4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1363
Expires
Wed, 14 Feb 2024 18:11:35 GMT
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1---&b=1&g=UT5aiWXtOzE8qF9e%2BPKYYbBcNQzAa1bllO62p3m9x%2Bk%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1---&b=1&g=UT5aiWXtOzE8qF9e%2BPKYYbBcNQzAa1bllO62p3m9x%2Bk%3D
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://aubtu.biz
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 14 Feb 2024 17:11:33 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://aubtu.biz
location
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&us_privacy=1---&b=1&g=UT5aiWXtOzE8qF9e%2BPKYYbBcNQzAa1bllO62p3m9x%2Bk%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58809/ 		391 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://aubtu.biz/20-behind-the-scene-photos&pixelId=58809
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
10ec534a3066956a91ba42ebaaf02f3ff1f933ce3cc387c3e0a07c910f98c22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://aubtu.biz
content-type
application/json
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ 		109 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
67900ebbc293090186ae226a196379ae51a6e173ad4bfd8b8f63db7adde74a8f

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://aubtu.biz
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 15 Mar 2024 17:11:34 GMT
css
fonts.googleapis.com/ Frame 91A2 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 17:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 16:54:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 17:11:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 91A2 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:59:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
29529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Feb 2024 08:59:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/ Frame 91A2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A994 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 16:22:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 91A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/ Frame 91A2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240212/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 23:25:53 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 91A2 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 16:28:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62867
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:28:40 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 91A2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 13:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 10 May 2024 13:53:33 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 8B76 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2Ffc7de181-febe-435e-9178-13401109704d.woff&t=%20CNOelmnorstuwy
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0cad624cbb2c272ccc7852ae9a4aeade8af3c583aac91a8055cfa8ae47af8c

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Origin
https://c.bannerflow.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:33 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:24 GMT
server
cloudflare
age
6196269
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=fc7de181-febe-435e-9178-13401109704d-subset.woff
cf-ray
8556ee557b403a08-YYZ
expires
Wed, 04 Dec 2024 00:00:23 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 8B76 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F7b49bac3-4e85-4c34-b3ea-72a1852603f7.woff&t=%20%2402ABCDEHMNOPRSTU
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d85304f3f6ec4e79db5aa5c63bad5133760453a279223862a6d1ca36df29e3b

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Origin
https://c.bannerflow.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:39 GMT
server
cloudflare
age
6196255
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=7b49bac3-4e85-4c34-b3ea-72a1852603f7-subset.woff
cf-ray
8556ee566cde3a08-YYZ
expires
Wed, 04 Dec 2024 00:00:38 GMT
vevent
nym1-ib.adnxs.com/ Frame B1CE 		0
982 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos&e=wqT_3QLaDfBM2gYAAAMA1gAFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSKjYJCVqBIatb4T8RkD_FL8Qj1D8ZAAAAANejAkAhkD_FL8Qj1D8pCFoJJNgxAAAAgBSu1z8wltvnDTjKDECYOUgCUKyx39QBWJe0pAFgAGj1rMgBePKEBoABAYoBA1VTRJIBAQbwTJgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDM1NDg2LCAwKTt1ZignaScsIDc2MzQ2MjYsIDApBRQsZycsIDI0MTUzMTQxFSkAcwEVHDk0MTc2NTY2FRYwcicsIDQ0NjE1OTAyMAUW8IuSAqUFIVpJaFQtd2k5bDU4Y0VLeXgzOVFCR0FBZ2w3U2tBVEFCT0FCQUFFaVlPVkNXMi1jTldBQmdyZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVc0U1Y3LXFXLUVfd1FGdUVsZV9xbHZoUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSENfZEVEOVFHRVRKRV9tQUlBb0FJQ3RRSQUkAHYNCPBYd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJLU52elVRQkJnQkxUb284VG1pQXhNSWc1YmVOQkFLR0FFdHpMQUpRRElEZFc1cm8FNCxUUG5EUVFDeGdDTFEBd_BVQzZBd2xPV1UweU9qWTBNamJnQTloRmdBVFY0cVVOaUFUMzRxVU5rQVFCbUFRRXNnUUtDSmFvNHc0UTU3TEpEYm9FR2dqdENCRzRIb1hyVWJpZVB4a0EBWgUBKENDV3FPTU93UVM0FSAIOGtFBRwFARhEWUJBRHhCBQwJAVxpQVdhTXBBRnJNaGdtQVcyanFPTUFha0YJHhhBQThELXhCBbwJAQh3UVUJCQEBAE0uKAAEX1IuKAAAMhUo8ENEd1AtQUY1S2NEOEFXMW1NSUwtQVhlemxlQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFtCQEARR2MAEcdDABJHQwwdUFZS2dRamdicVF3cUEoQDRnSUFBLi6aApkBIVlCb0pEPqkCNEplMHBBRWdBQ2dBTWR2FYEET2curQEUWkEyRVZKCYcUQUE4RDlSEQwMQUFCWh0MMGh1QjZGNjFHNG5qOXAdGAB4HQwMNEFJazWI8MI4RDgu2ALBBOAC0qYH6gIsaHR0cHM6Ly9hdWJ0dS5iaXovMjAtYmVoaW5kLXRoZS1zY2VuZS1waG90b3OAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOXjsIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE2Ni4wLjIwNS44MKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI05ZTTI6NjQyNtoEAggB4AQB8ASFuCCIBQGYBQCgBf8RARQBwAUAyQWhBRwAAPA_0gUJCQkMiAAA2AUB4AUB8AXEv0j6BQQIABAAkAYAmAYAogYOMTYxMCNOAWMkNDkyNbgGAMEGAAUBKPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQisyGASgAEyaFVtdjFvIXPYREFBa0NCUUVJMTkzV0NSRDkzYVVER1BmMzNnTWdCeWdBUU9MNjVnbEk4UFdaQ2xEWVJWaTlKbn04EEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB4QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB_KEBtIHDS0GBC5AAbcI2gcGAf_wdhgA4AcA6gcCCADwB5GACIoIRwpDAAABjaiaHehKrQGD502jQOc4RQeEs_nDa20IuYsW08cKdL1QyCW4WdL4gnR__K7nn28aE1fOuTZsvodlvJfOJ0hPfxABlQgAAIA_mAgBwAjBBNIIDgiBgoSIkKDAgAEQABgA&s=ae8030d35331e4cf5513c6afd3dcbc3a13762830&type=nv&nvt=5&jm=1003&px=1300&py=600&bw=300&bh=600&sid=1292875471409186623&vd=ct~0|rr~0&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28962198&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5959&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:35 GMT
an-x-request-uuid
b851690e-66c8-4193-9e06-13548d9f0545
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A994
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240212/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:34 GMT
expires
Wed, 14 Feb 2024 17:11:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 17:11:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
font
c.bannerflow.net/fs/api/v2/ Frame 8B76 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2Fbbce1357-56be-44ef-b744-665203060451.woff&t=%201AFLMORU
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbfd50bd7880b1e61afcfd57a9ab77a4b6182db7d0409b4c6faf87dfdc9d533

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Origin
https://c.bannerflow.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 02:19:20 GMT
server
cloudflare
age
3077534
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=bbce1357-56be-44ef-b744-665203060451-subset.woff
cf-ray
8556ee572e383a08-YYZ
expires
Thu, 09 Jan 2025 02:19:20 GMT
/
pips.taboola.com/ 		4 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by
cache-yyz4532-YYZ
date
Wed, 14 Feb 2024 17:11:34 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://aubtu.biz
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
font
c.bannerflow.net/fs/api/v2/ Frame 8B76 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F8586c66f-7c84-4e0e-881c-e8dca530b008.woff&t=%20%24%25%26%27%28%29%2B%2C-.%2F0123456789%3A%3BABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%7C%C2%A3%C2%A5%C3%A0%C3%A1%C3%A3%C3%A4%C3%A5%C3%A7%C3%A8%C3%A9%C3%AD%C3%B1%C3%B3%C3%B4%C3%B6%C3%B8%C3%BA%C3%BC%D8%8C%D8%A1%D8%A3%D8%A5%D8%A7%D8%A8%D8%A9%D8%AA%D8%AB%D8%AC%D8%AD%D8%AE%D8%AF%D8%B1%D8%B4%D8%B5%D8%B6%D8%B7%D8%B9%D9%80%D9%81%D9%82%D9%83%D9%84%D9%85%D9%86%D9%87%D9%88%D9%89%D9%8A%D9%A0%D9%A1%D9%A3%D9%A5%D9%A6%D9%A7%E0%A4%82%E0%A4%85%E0%A4%86%E0%A4%87%E0%A4%89%E0%A4%8F%E0%A4%91%E0%A4%94%E0%A4%95%E0%A4%97%E0%A4%9C%E0%A4%9F%E0%A4%A1%E0%A4%A4%E0%A4%A6%E0%A4%A7%E0%A4%A8%E0%A4%AA%E0%A4%AC%E0%A4%AD%E0%A4%AE%E0%A4%AF%E0%A4%B0%E0%A4%B2%E0%A4%B5%E0%A4%B6%E0%A4%B8%E0%A4%B9%E0%A4%BE%E0%A4%BF%E0%A5%80%E0%A5%81%E0%A5%82%E0%A5%87%E0%A5%88%E0%A5%8B%E0%A5%8D%E0%A5%A4%E2%82%AC%E2%82%B9%E3%80%81%E3%81%8B%E3%81%9D%E3%81%A7%E3%81%AE%E3%82%89%E3%82%92%E3%82%A4%E3%82%AA%E3%82%BA%E3%83%83%E3%83%88%E3%83%95%E3%83%97%E3%83%99%E3%83%A4%E3%83%AA%E3%83%AC%E3%83%BC%E4%BB%96%E4%BD%8E%E5%85%A5%E5%88%A9%E5%8F%82%E5%91%88%E5%A4%A7%E5%AE%9A%E6%96%B0%E6%97%A5%E6%9C%80%E6%9C%AC%E7%85%A7%E7%94%A8%E7%99%BB%E7%B4%84%E8%A6%8F%E9%80%B2%E9%81%A9%E9%87%91%E9%8C%B2%E9%99%90%E9%A1%8D%EF%BC%85
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bebb89f30c2f5181121c216e49dacbad95bf4e4864927466a5d72195f7848f72

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Origin
https://c.bannerflow.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:28 GMT
server
cloudflare
age
6196266
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8586c66f-7c84-4e0e-881c-e8dca530b008-subset.woff
cf-ray
8556ee57df7b3a08-YYZ
expires
Wed, 04 Dec 2024 00:00:27 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Feb 2024 17:11:34 GMT
cache-control
no-store
server
nginx
AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9ZSW8PsLlC1-dqyB_RsZXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-9ZSW8PsLlC1-dqyB_RsZXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAce7F5HZtAw551TxgBAiEYvA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jQLxKuo9mVykhS6QPam0gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-jQLxKuo9mVykhS6QPam0gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAce7F5HZvAg2PdrxkBBb4ZEg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUwdqFvBkA0IrMYAxEs13oMHw1npL3m3MGKfXB0gyG488Vc-5ns9idMhj_zm3QhcCdNsioaJA2H-9QpPXCZBS1CMwQwMcYRaPkZ-voQ2hAfbQacQIVt-ZNmoDwGPVwu-tA_gkIQGw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jnKPeMns7SLKANYoVWNQ2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-jnKPeMns7SLKANYoVWNQ2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAce7F5HZvAgT0trxkBBOEY4Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU9SCP6TqyUX7Mh7Gzk-g4DsumNmKDp68APPndmNWSGGYHpMQlwwpFhhOS7dNoRL1vEwFTTbUJfTZJ7DtPItSdVCkc70aeSxfBaNywgouC-40sndzEgaTWDQaX4yUrXYNSCflaVjQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9SCP6TqyUX7Mh7Gzk-g4DsumNmKDp68APPndmNWSGGYHpMQlwwpFhhOS7dNoRL1vEwFTTbUJfTZJ7DtPItSdVCkc70aeSxfBaNywgouC-40sndzEgaTWDQaX4yUrXYNSCflaVjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3OTMwNjk0LDQzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYXVidHUuYml6LzIwLWJlaGluZC10aGUtc2NlbmUtcGhvdG9zIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60e5280f5bd5f4e1d1908201cdf0bf200e6eb1d3a1b850d3c3c66bbf4f385cd1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-96SdrutUwAi25YS_iI0aXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-96SdrutUwAi25YS_iI0aXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48Hy5vw6axcEdNZ4-qms-YBMd-66ay666ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIW6O4y82r2MTmHFppRAA4r9J0w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
pagead2.googlesyndication.com/bg/ Frame E178 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 09:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19829
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 09:03:52 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 8B76 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F42eeb52d-4ab8-44ad-9b90-6a5b55a7192c.woff&t=%20%27ABCDEGIJKLNOPRSTY%C3%8D%C3%96%D8%A5%D8%B6%D9%85%D9%86%E0%A4%82%E0%A4%95%E0%A4%9C%E0%A4%9F%E0%A4%B0%E0%A4%B8%E0%A4%BF%E0%A5%87%E0%A5%8D%E7%99%BB%E9%8C%B2
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41302216961daa6224bd5ccec5fd946ebf26cd1685e6911c02ae75703e480ea8

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
Origin
https://c.bannerflow.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:50 GMT
server
cloudflare
age
6196244
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=42eeb52d-4ab8-44ad-9b90-6a5b55a7192c-subset.woff
cf-ray
8556ee58e9793a08-YYZ
expires
Wed, 04 Dec 2024 00:00:50 GMT
/
ad-events.flashtalking.com/state/7467377;4346718;0;271;AEF2181C-544B-97B3-391A-12E61F48F1F3/ Frame B1CE 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7467377;4346718;0;271;AEF2181C-544B-97B3-391A-12E61F48F1F3/?cachebuster=921186749
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.222.52.200 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-222-52-200.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame B1CE 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7467377;4346718;0-302-0-5888165EA0F448-811107075
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:35 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Wed, 14 Feb 2024 17:11:35 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 3310 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F20cab9ff-0a31-4bdd-aa36-158bf65b11e2.png&w=279&h=222&q=90&f=webp&rt=contain
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6784bb37655c673d630305efa22397e439f6c6b4b846ad7cb14daad00fedd16c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:29:12 GMT
api-supported-versions
2.0
server
cloudflare
age
6142
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee5b3d7e3a08-YYZ
content-length
6074
48c98c8b-fe07-4bba-b305-55108e522373.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 3310 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/48c98c8b-fe07-4bba-b305-55108e522373.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c4ceaad6c0ded853185db4611bada262bc41f5e126e6af3a0e2476617201e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:34 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
BoW4YNJ/TzpStoETef7RLA==
age
6383
x-ms-lease-status
unlocked
last-modified
Tue, 14 Feb 2023 12:46:16 GMT
server
cloudflare
etag
W/"0x8DB0E8976B8BEC8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e2d74de-201e-0065-652c-247b97000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8556ee5b4d963a08-YYZ
60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 3310 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:34 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7YVF1fdK2DQLVpofOPigCA==
age
1648
x-ms-lease-status
unlocked
last-modified
Wed, 02 Jun 2021 09:28:39 GMT
server
cloudflare
etag
W/"0x8D925A8CE413846"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
dd5e4efc-701e-000a-05a5-227164000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8556ee5b4d973a08-YYZ
optimize
c.bannerflow.net/io/api/image/ Frame 1363 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:34 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:30:01 GMT
api-supported-versions
2.0
server
cloudflare
age
6093
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee5b8e013a08-YYZ
content-length
28362
914dd795-1c43-4c76-beb7-a74262181928.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame 3310 		26 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/914dd795-1c43-4c76-beb7-a74262181928.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
467d3166ac18fd493d20fd168128d5bf07189398af1b698363549dae467c362e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Feb 2024 17:11:35 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
AIpHAdIycTb2acramlf0ww==
age
406
x-ms-lease-status
unlocked
last-modified
Mon, 13 Feb 2023 17:20:27 GMT
server
cloudflare
etag
W/"0x8DB0DE699D48E35"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b5064148-b01e-0067-6624-24c52f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8556ee5bce903a08-YYZ
optimize
c.bannerflow.net/io/api/image/ Frame 1363 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-06e3a9df-af97-43d1-a10a-be97e36ecea9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:30:01 GMT
api-supported-versions
2.0
server
cloudflare
age
6094
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee5cc8913a08-YYZ
content-length
28362
/
c.bannerflow.net/tr/v2/pixel/ Frame 8B76 		0
91 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6470764df5206dda457c5f26?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&container=.creative
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&preload=off&a=6470764df5206dda457c5f26&redirecturl=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKdAfBDnQAAAAMAxBkFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSIJbb5w0oygwwmDk4AkCssd_UAUiXtKQBUABaA1VTRGIBBehorAJw2AR49azIAYAB8oQGiAEBkAEBmAEFoAECqQEJWoEhq1vhP7EBkD_FL8Qj1D-5AQAAAADXowJAwRUUQMkBCFqBIatb4T_YAcEE4AEA%2Fs%3D39d3419a0234b85460265129f6524448b3ca8dba%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!YBoJDwi9l58cEKyx39QBGJe0pAEgACgAMdv5fmq8dO8_OglOWU0yOjY0MjZA2EVJAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNOWU0yOjY0MjY%3D%2Fbn%3D98930%2Fclickenc%3Dhttps%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F193398%3B7467377%3B4346718%3B211%3B0%2F%3Fpostal%3Dh3h%200a1%26us_privacy%3D!!US_PRIVACY!%26gdpr%3D0%26ft_impID%3DAEF2181C-544B-97B3-391A-12E61F48F1F3%26g%3D5888165EA0F448%26random%3D291180.06214664644%26ft_width%3D300%26ft_height%3D600%26url%3Dhttps%3A%2F%2Fbetway.com%2F%3Fs%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718&analytics=s%3Dbw216804%26a%3DDDR3709386748313959%26utm_medium%3Ddisplay%26utm_source%3DGeniusMedia_CA_SPO%26utm_campaign%3D193398%26utm_content%3D7467377%26utm_term%3D4346718
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8556ee5ce8c23a08-YYZ
content-length
0
request-context
appId=cid-v1:1fcf03fc-fba3-4651-852f-a11a7fdec64e
block
api.unibots.in/ 		45 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.unibots.in/block?client=Aubtu&page=aubtu.biz/20-behind-the-scene-photos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
170.187.252.201 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-252-201.ip.linodeusercontent.com
Software
/ Express
Resource Hash
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Feb 2024 17:11:36 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
45
etag
W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
content-type
application/json; charset=utf-8
lgc
d9.flashtalking.com/ Frame B1CE 		103 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.160.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-160-120.compute-1.amazonaws.com
Software
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
eac030737510451f6c3950ae4a2e62babbcfa3e0b75c43790eb13dabbe3d83a6

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
server
Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods
GET,POST,SERVER
p3p
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin
https://aubtu.biz
content-type
application/json;charset=ISO-8859-1
access-control-allow-credentials
true
content-length
103
AGSKWxWiNTtwDPnm9zOHD1fvDqU9rYFPfDqXieiLUnUTkSIiSj3nA8MJ0ePsuqZwShn_8_BLa3T5k-2xX1pTeMfEboGRbs3HbuQgmHkgNmwEnNmOB7CLtiNdMHZZDZ6VK3jPJNjT3FBQiA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWiNTtwDPnm9zOHD1fvDqU9rYFPfDqXieiLUnUTkSIiSj3nA8MJ0ePsuqZwShn_8_BLa3T5k-2xX1pTeMfEboGRbs3HbuQgmHkgNmwEnNmOB7CLtiNdMHZZDZ6VK3jPJNjT3FBQiA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YyDV93Z6aYseMg-Hhw8f0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-YyDV93Z6aYseMg-Hhw8f0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXMcf7F5HZtAw6YtJQDoGxhE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
nlp-bp.min.js
js.ad-score.com/ Frame B1CE 		300 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/nlp-bp.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:3400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1810599ae6f90c490cb7d6b60b4b25314ddcc36e260f6564e03c665f506fcb1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:57 GMT
Content-Encoding
gzip
Via
1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Feb 2024 16:18:05 GMT
X-Amz-Cf-Pop
PHL51-P1
Age
73898
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
xJMKRWVsAlLs7roDO5eo4Fm7jVwMIWGjVzfeTNWX3DQ3DcfQUGp6tA==
cors
data.ad-score.com/data/ Frame B1CE 		100 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=jtRvZknFLNbIYrZZqYfFkjRRJrEIxXQQ-FE7fPshldVTlKDkb033MGkI=-E03BO8VibVXrPg==&pm_ct=1677475215f766737e35c725&pm_pl=1707930695214&pm_td=25&pid=1000791&en=1.1&callback=__pm_glbl_M0jtLDzoJc7Y1XD20qAXOsiC._gc1&tt=g&v=0a0f38d
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
56375843c5404aa4d4f757dc49aa63d191fee16bf806c594ab5be4781e793681

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:35 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://aubtu.biz
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
100
truncated
/ Frame AB7F 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B1CE 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
/
servedby.flashtalking.com/state/7467377;4346718;0;401;AEF2181C-544B-97B3-391A-12E61F48F1F3/ Frame B1CE 		42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/7467377;4346718;0;401;AEF2181C-544B-97B3-391A-12E61F48F1F3/?ft_data=d9:81c8422f66c8488ba61bca0b4726879e;d9s:81c8422f66c8488ba61bca0b4726879e&cachebuster=355871597
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.197.91 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-197-91.deploy.static.akamaitechnologies.com
Software
prod-xre-app17.ash11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:35 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app17.ash11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Wed, 14 Feb 2024 17:11:35 GMT
cf49998f-54e5-42ae-be78-0b6017950e1b
https://aubtu.biz/ Frame B1CE 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/cf49998f-54e5-42ae-be78-0b6017950e1b
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
03ceab20-a69b-4fa6-9e68-8a0dd0d78c9a
https://aubtu.biz/ Frame B1CE 		725 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/03ceab20-a69b-4fa6-9e68-8a0dd0d78c9a
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
vevent
nym1-ib.adnxs.com/ Frame B1CE 		0
982 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos&e=wqT_3QLaDfBM2gYAAAMA1gAFAQjB6LOuBhDAxra6vrDA1koY7viB4J-9yfhSKjYJCVqBIatb4T8RkD_FL8Qj1D8ZAAAAANejAkAhkD_FL8Qj1D8pCFoJJNgxAAAAgBSu1z8wltvnDTjKDECYOUgCUKyx39QBWJe0pAFgAGj1rMgBePKEBoABAYoBA1VTRJIBAQbwTJgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCAxNDM1NDg2LCAwKTt1ZignaScsIDc2MzQ2MjYsIDApBRQsZycsIDI0MTUzMTQxFSkAcwEVHDk0MTc2NTY2FRYwcicsIDQ0NjE1OTAyMAUW8IuSAqUFIVpJaFQtd2k5bDU4Y0VLeXgzOVFCR0FBZ2w3U2tBVEFCT0FCQUFFaVlPVkNXMi1jTldBQmdyZ1pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVc0U1Y3LXFXLUVfd1FGdUVsZV9xbHZoUDhrQkFBQUFBQUFBOERfWkFRQQkOdFBBXzRBSENfZEVEOVFHRVRKRV9tQUlBb0FJQ3RRSQUkAHYNCPBYd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJLU52elVRQkJnQkxUb284VG1pQXhNSWc1YmVOQkFLR0FFdHpMQUpRRElEZFc1cm8FNCxUUG5EUVFDeGdDTFEBd_BVQzZBd2xPV1UweU9qWTBNamJnQTloRmdBVFY0cVVOaUFUMzRxVU5rQVFCbUFRRXNnUUtDSmFvNHc0UTU3TEpEYm9FR2dqdENCRzRIb1hyVWJpZVB4a0EBWgUBKENDV3FPTU93UVM0FSAIOGtFBRwFARhEWUJBRHhCBQwJAVxpQVdhTXBBRnJNaGdtQVcyanFPTUFha0YJHhhBQThELXhCBbwJAQh3UVUJCQEBAE0uKAAEX1IuKAAAMhUo8ENEd1AtQUY1S2NEOEFXMW1NSUwtQVhlemxlQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFtCQEARR2MAEcdDABJHQwwdUFZS2dRamdicVF3cUEoQDRnSUFBLi6aApkBIVlCb0pEPqkCNEplMHBBRWdBQ2dBTWR2FYEET2curQEUWkEyRVZKCYcUQUE4RDlSEQwMQUFCWh0MMGh1QjZGNjFHNG5qOXAdGAB4HQwMNEFJazWI8MI4RDgu2ALBBOAC0qYH6gIsaHR0cHM6Ly9hdWJ0dS5iaXovMjAtYmVoaW5kLXRoZS1zY2VuZS1waG90b3OAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOXjsIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE2Ni4wLjIwNS44MKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI05ZTTI6NjQyNtoEAggB4AQB8ASFuCCIBQGYBQCgBf8RARQBwAUAyQWhBRwAAPA_0gUJCQkMiAAA2AUB4AUB8AXEv0j6BQQIABAAkAYAmAYAogYOMTYxMCNOAWMkNDkyNbgGAMEGAAUBKPA_0AapJdoGFgoQBRAdAWAQABgA4AYB8gaHAQisyGASgAEyaFVtdjFvIXPYREFBa0NCUUVJMTkzV0NSRDkzYVVER1BmMzNnTWdCeWdBUU9MNjVnbEk4UFdaQ2xEWVJWaTlKbn04EEhnQWdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB4QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB_KEBtIHDS0GBC5AAbcI2gcGAf_wdhgA4AcA6gcCCADwB5GACIoIRwpDAAABjaiaHehKrQGD502jQOc4RQeEs_nDa20IuYsW08cKdL1QyCW4WdL4gnR__K7nn28aE1fOuTZsvodlvJfOJ0hPfxABlQgAAIA_mAgBwAjBBNIIDgiBgoSIkKDAgAEQABgA&s=ae8030d35331e4cf5513c6afd3dcbc3a13762830&type=pv&jm=1003&px=1300&py=600&bw=300&bh=600&sf=1&sid=1292875471409186623&vd=ct~0|rr~6&sv=241&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28962198&cid=3&cr=pv&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/241/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:35 GMT
an-x-request-uuid
c5893d87-0bd3-4aef-a0ee-8bd9ff64d2cd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://aubtu.biz
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.80; 166.0.205.80; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YRNMJ55HGC&gtm=45je42c0v9132936568za200&_p=1707930686581&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130507260.1707930688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707930687&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&_s=2&tfd=12710
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YRNMJ55HGC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 1363 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-06e3a9df-af97-43d1-a10a-be97e36ecea9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:35 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:30:01 GMT
api-supported-versions
2.0
server
cloudflare
age
6094
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee60883a3a08-YYZ
content-length
28362
t_.htm
t.sharethis.com/a/ Frame 1E51 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=aubtu.biz&rnd=1707930693809
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.81 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Wed, 14 Feb 2024 17:11:35 GMT
Expires
Wed, 21 Feb 2024 17:11:35 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
4de76a61-1e50-4170-9c96-43b8726c8d08
https://aubtu.biz/ Frame B1CE 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/4de76a61-1e50-4170-9c96-43b8726c8d08
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
cors
data.ad-score.com/data/ Frame B1CE 		1 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=jtRvZknFLNbIYrZZqYfFkjRRJrEIxXQQ-FE7fPshldVTlKDkb033MGkI=-E03BO8VibVXrPg==&pm_ct=1677475215f766737e35c725&pm_pl=1707930695214&pm_td=731&pid=1000791&en=1.1&callback=__pm_glbl_M0jtLDzoJc7Y1XD20qAXOsiC._gc2&tt=g&v=0a0f38d
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://aubtu.biz
Date
Wed, 14 Feb 2024 17:11:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
t_.js
t.sharethis.com/1.1280.23383/a/CA/ Frame E76D 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1280.23383/a/CA/t_.js?cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.81 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f29cefba8974cb6bf2dba370c7def20c4cd019b0c1948397281c75258aa8ecba
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9552
Expires
Wed, 21 Feb 2024 17:11:36 GMT
truncated
/ Frame B1CE 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/gif
cors
data.ad-score.com/data/ Frame B1CE 		1 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=jtRvZknFLNbIYrZZqYfFkjRRJrEIxXQQ-FE7fPshldVTlKDkb033MGkI=-E03BO8VibVXrPg==&pm_ct=1677475215f766737e35c725&pm_pl=1707930695214&pm_td=926&pid=1000791&en=1.1&callback=__pm_glbl_M0jtLDzoJc7Y1XD20qAXOsiC._gc3&tt=g&v=0a0f38d
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://aubtu.biz
Date
Wed, 14 Feb 2024 17:11:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
nlsn
sync.sharethis.com/ Frame E76D
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=f16b5db66b0382616e44e3fbd49c5beb
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=f16b5db66b0382616e44e3fbd49c5beb
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.14.137.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-137-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:37 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

date
Wed, 14 Feb 2024 17:11:37 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://sync.sharethis.com/nlsn?uid=f16b5db66b0382616e44e3fbd49c5beb
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
lotame
sync.sharethis.com/int/ Frame E76D
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
  • https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
  • https://sync.sharethis.com/int/lotame?uid=cc703b56ea1a620c27d3afc02da921bc&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/int/lotame?uid=cc703b56ea1a620c27d3afc02da921bc&gdpr=0&gdpr_consent=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.14.137.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-137-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:36 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.sharethis.com/int/lotame?uid=cc703b56ea1a620c27d3afc02da921bc&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.40.63.103
content-length
0
expires
0
ttd
sync.sharethis.com/ Frame E76D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=be8f4702-1c90-4978-860e-bd2d2fbd9362&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=be8f4702-1c90-4978-860e-bd2d2fbd9362&gdpr=0&gdpr_consent=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.14.137.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-137-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=be8f4702-1c90-4978-860e-bd2d2fbd9362&gdpr=0&gdpr_consent=
date
Wed, 14 Feb 2024 17:11:36 GMT
server
Kestrel
content-length
215
eyeota
sync.sharethis.com/ Frame E76D
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2JpcubTLx5FP513ulvjKm5gYFq_Fi2P_6jb93JKT5bHs&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2JpcubTLx5FP513ulvjKm5gYFq_Fi2P_6jb93JKT5bHs&gdpr=0&gdpr_consent=
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.14.137.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-137-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2JpcubTLx5FP513ulvjKm5gYFq_Fi2P_6jb93JKT5bHs&gdpr=0&gdpr_consent=
Date
Wed, 14 Feb 2024 17:11:36 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame E76D
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAADWXM9EUAAAAIB6imAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3642068995841458201
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjA2ODk5NTg0MTQ1ODIwMRAAGg0IyOizrgYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=256288284fabad7eff2bfc0952b933a4a8dffd45148dc4ec16a63838fac30982f4cb09cee1a4f8eb&person_id=3642068995841458201&eid=50082
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=256288284fabad7eff2bfc0952b933a4a8dffd45148dc4ec16a63838fac30982f4cb09cee1a4f8eb&person_id=3642068995841458201&eid=50082
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Thu, 15 Feb 2024 17:11:37 GMT
date
Wed, 14 Feb 2024 17:11:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Wed, 14 Feb 2024 17:11:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=256288284fabad7eff2bfc0952b933a4a8dffd45148dc4ec16a63838fac30982f4cb09cee1a4f8eb&person_id=3642068995841458201&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yahoo
sync.sharethis.com/ Frame E76D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://sync.sharethis.com/yahoo?uid=y-ZG9uMNZE2oNBBtqcE5JkloTO.Ia9qSOaCmM-~A&gdpr=0
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/yahoo?uid=y-ZG9uMNZE2oNBBtqcE5JkloTO.Ia9qSOaCmM-~A&gdpr=0
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
3.14.137.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-137-50.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAADWXM9EUAAAAIB6imAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/yahoo?uid=y-ZG9uMNZE2oNBBtqcE5JkloTO.Ia9qSOaCmM-~A&gdpr=0
date
Wed, 14 Feb 2024 17:11:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ft.stat
stat.flashtalking.com/reportV3/ Frame B1CE 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7467377;4346718;0-307-0-5888165EA0F448-696948095
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:36 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Wed, 14 Feb 2024 17:11:36 GMT
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
br
cdn-edgestorageid
894
cdn-storageserver
SG-561
cdn-cachedat
01/27/2024 18:05:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
561
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
397af1e6b6d921c8f6c9935e45e41651
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
br
cdn-edgestorageid
941
cdn-storageserver
SG-560
cdn-cachedat
01/27/2024 18:08:12
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:09 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
560
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf619-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
bc22a8079d587d2f3be69c26a734c999
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
br
cdn-edgestorageid
1068
cdn-storageserver
SG-560
cdn-cachedat
01/28/2024 19:20:59
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:07 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
561
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf617-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
3f7aa43302781af9b0d54f19415c8a9a
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
aubtu.biz_1705573857815.css
cdn.unibotscdn.com/clientdata/css/ 		367 B
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/aubtu.biz_1705573857815.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
8ef96539cd24f4ee5f783f4c4c5299d42a8cead58ccd6bf600bd31cd1ba315fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
br
cdn-edgestorageid
1067
cdn-storageserver
SG-561
cdn-cachedat
01/30/2024 11:13:57
cdn-pullzone
873945
last-modified
Tue, 30 Jan 2024 11:13:37 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
712
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65b8d9e1-16f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
0a4fa9025b22c4055615f8dfc45053b6
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
br
cdn-edgestorageid
871
cdn-storageserver
SG-560
cdn-cachedat
01/27/2024 18:05:12
cdn-pullzone
873945
last-modified
Wed, 20 Dec 2023 11:02:06 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
560
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6582c9ae-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
788cb944c26de04f71a475d3168be1b6
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		380 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a7085cbb434f1a55934b91e973b0601dcf8a63572639d7f87db23131c6c756c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133128
x-xss-protection
0
expires
Wed, 14 Feb 2024 17:11:36 GMT
/
ad-events.flashtalking.com/state/7467377;4346718;0;202;AEF2181C-544B-97B3-391A-12E61F48F1F3/ Frame B1CE 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7467377;4346718;0;202;AEF2181C-544B-97B3-391A-12E61F48F1F3/?cachebuster=192191208
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.222.52.200 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-222-52-200.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:36 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cors
data.ad-score.com/data/ Frame B1CE 		1 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=jtRvZknFLNbIYrZZqYfFkjRRJrEIxXQQ-FE7fPshldVTlKDkb033MGkI=-E03BO8VibVXrPg==&pm_ct=1677475215f766737e35c725&pm_pl=1707930695214&pm_td=1764&pid=1000791&en=1.1&callback=__pm_glbl_M0jtLDzoJc7Y1XD20qAXOsiC._gc4&tt=g&v=0a0f38d
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://aubtu.biz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://aubtu.biz
Date
Wed, 14 Feb 2024 17:11:37 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by
cache-yyz4570-YYZ
date
Wed, 14 Feb 2024 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
373
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:37 GMT
content-encoding
br
cdn-edgestorageid
940
cdn-storageserver
SG-516
cdn-cachedat
01/27/2024 18:06:12
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
560
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
42a4bb2eff80199f55070c768aa6e157
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:37 GMT
content-encoding
br
cdn-edgestorageid
894
cdn-storageserver
SG-515
cdn-cachedat
02/13/2024 02:08:52
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
561
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
5093efce167cbfc28b1d8cf1927306d9
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:37 GMT
content-encoding
br
cdn-edgestorageid
1068
cdn-storageserver
DE-587
cdn-cachedat
01/23/2024 05:34:13
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
c705554523b96ea90096e16157ade09e
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:37 GMT
content-encoding
br
cdn-edgestorageid
1070
cdn-storageserver
SG-516
cdn-cachedat
01/27/2024 18:06:24
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
560
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf623-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
c86fd245667908eeb4c1c8dd686adda9
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
092951a8-165d-4e0a-87af-332a8d712b27
https://aubtu.biz/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/092951a8-165d-4e0a-87af-332a8d712b27
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db1f07780b354d90ea4ca451002c2dda669a3a5bc3f8e8b00b96b13d1494e5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92059
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:38 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f75eae206de7f9455cc35dd08e252a381cb5237c9de625992ab3223683b2970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94393
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Feb 2024 17:11:38 GMT
5510ae19-0072-4d8c-96a3-891c224533c2
https://aubtu.biz/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/5510ae19-0072-4d8c-96a3-891c224533c2
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6fe5d7f8-dffb-4071-ae38-0bc91ba244cf
https://aubtu.biz/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/6fe5d7f8-dffb-4071-ae38-0bc91ba244cf
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

Referer
Origin
https://aubtu.biz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::718:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-718 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:38 GMT
content-encoding
gzip
cdn-edgestorageid
1070
cdn-storageserver
DE-167
cdn-cachedat
01/23/2024 05:34:13
cdn-pullzone
873945
last-modified
Wed, 27 Dec 2023 11:09:25 GMT
server
BunnyCDN-IL1-718
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
14c5f8e9e0354a906530663591d7a743
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1067 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:38 GMT
content-encoding
gzip
cdn-edgestorageid
1029
cdn-storageserver
SG-516
cdn-cachedat
02/12/2024 03:12:38
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:32 GMT
server
BunnyCDN-IL1-1067
cdn-fileserver
424
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
11d7ad2f7633c62022ef4fc77abb569c
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
bridge3.620.1_en.html
imasdk.googleapis.com/js/core/ Frame 4C24 		756 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5af76b8c97acd66d2de3534bda06f5bee64f1bcc2474c96f460a7e67318d0322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aubtu.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
29696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247465
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 08:56:42 GMT
expires
Thu, 13 Feb 2025 08:56:42 GMT
last-modified
Tue, 13 Feb 2024 00:56:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Feb 2024 17:11:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/canary/ Frame 6301 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/canary/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f22182dfb4c2f9d9afb123ddfc54ebc9111a521d9d0b4e66045a8cc0f6df742d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13943
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 18:04:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 14 Feb 2024 18:00:30 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:39 GMT
content-encoding
gzip
cdn-edgestorageid
1067
cdn-storageserver
NY-430
cdn-cachedat
02/13/2024 04:05:49
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
3492320487e194a914608b6c9be22a74
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ef9bfb40-48de-4e53-8dc2-1028abd3c21e
https://aubtu.biz/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/ef9bfb40-48de-4e53-8dc2-1028abd3c21e
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
42f48b93-bf69-4a1d-9a9e-d5dbb62b680e
https://aubtu.biz/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/42f48b93-bf69-4a1d-9a9e-d5dbb62b680e
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
5b9574f5-53de-49ea-94f8-dbbfe0cc604b
https://aubtu.biz/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://aubtu.biz/5b9574f5-53de-49ea-94f8-dbbfe0cc604b
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XXJ8PP2E8P&gtm=45je42c0v892558183za200&_p=1707930686581&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130507260.1707930688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707930698&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dt=20%2B%20Behind-The-Scene%20Photos%20That%20Reveal%20The%20Deepest%20Secrets%20Of%20The%20Movies&en=page_view&_fv=1&_ss=1&_ee=1&tfd=15630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aubtu.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4C24 		50 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C23035120401%2Faubtu_mvp2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=b_upr%3Don%26KV1%3D2.50%26ctry%3DCA%26max_ad_duration%3D900&description_url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&vpa=auto&vpmute=0&sdkv=h.3.620.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=3966403247&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.620.1&sid=45FFF6E9-EB4C-49AA-AF7B-EAF95FB81CC2&nel=0&eid=44752052%2C44768717%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dlt=1707930684544&idt=13987&dt=1707930699264&cookie=ID%3Db99c8ed4c5daff5b%3AT%3D1707930688%3ART%3D1707930688%3AS%3DALNI_MbVpjVcSv6jos1zUGXxwsxg5M_Jcg&gpic=UID%3D00000dc9e202fe3e%3AT%3D1707930688%3ART%3D1707930688%3AS%3DALNI_MZQGpNw2p3IZX7ddAmDhOU5SUjwqA&correlator=3997595012708622&scor=3789493537045927&ged=ve4_td14_tt0_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a4f01c2a29ea820354570fb8b9b457ccfff422a40509dc96e318b46788f1277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9231
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:39 GMT
content-encoding
gzip
cdn-edgestorageid
1067
cdn-storageserver
NY-267
cdn-cachedat
02/13/2024 04:05:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
268
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
fba7b713abcf5d21bceb7dabd5823073
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:39 GMT
cdn-edgestorageid
894
cdn-storageserver
NY-268
cdn-cachedat
10/31/2023 19:33:47
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d2de31048e4b17651f14725696a13894
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
319 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
cdn-edgestorageid
845
cdn-storageserver
NY-346
cdn-cachedat
12/10/2023 06:53:23
cdn-pullzone
829957
content-length
325240
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
949217a0a5cbd536180d68b6ea3e4458
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame 4C24 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lsm1u96j&c=5591581463296&slotId=2795790731648&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 4C24 		38 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bo6nrXkEsQi6qUoV7H3q1xqKxgHz8ppCP_iTQg1bJ_IlNaIwOruFE9PdRcEOd-lCVEY33gSrnOsZHswUw_3VAJSRuosQ&cry=1&dbm_d=AKAmf-CaEC3woGgngkk4neIFL86jnDUFoBamjAbazWI-7VWdYFERLr0h8pGGmLJJYGMKOn_Zn1AWy4O36YKD0drnvdUaDC4TgkRuXcH-Q3tRAWU1XQUpOBNcCb4NYz16vVQlN21nzAGgFz4uyBEZ3o-o0amwY_IaHZ2mVzAWPPyYY5M1Nymo0Qlny3Tq0ZGhR3N47eN0CDQqriWsMgqfufKfeTZCEB-2vh_WpPVejyRTcfUQh31Eg47_JszjrLHaN_DrHwYeCSVWY5VPpC-WBVQlwqhOdWP4sn3Orc_3LfrnyAcYkzWoaO6hp4xv4c14-VeL4cyuFxQ9RPJ-lIVy5a_D2FTxgAo_y7oWaGuKdvjc2xKee_oeGv1-ZvZqr6edNly9ez7I6CrKaq-s5n8iEbvM81scJcDjBOs4U0XXGmBZXHsnjG6aEBmOUW3zuuF-0JH1rfWDbWZft8FW9Vw0k4R6hZqQPSJk4Q-NRdfFq2_RowrdatLa3BxNaQLS4dSVK0qZ8htjgHKEm7JaDRNjKq8_zgerZSDcCFLYu1WPiD4rv-NlFnozvyxyYIsQluaF2UCrSF54ze1Eaoj4Ze_lbFeEzmdvcSl8LMfbge0v-4O59-wKbMxuYf-r5sZMFx4NfI2b2umGOeP18LV-nPKSUoStdaimnK_1oCnRUFLp96qXd9uVJOlj1VFLYxar6YkJix42tJczIsg_zKcGa-iKS6TM4-uTjN9g-G5y95jdzgHlGrHlP92TEf1iIWSWspVhRS1yDewdZP_zfbUMbEr3LOSHnTMVmCVoS33vJdbaj3lGY_73dzjQefN2IwbjmU2HsKurF14GsiddQPHXSEqyX_qS-gstc98djigxix5n_C3q8nY4A24dSAdwUmTYh3OQbmkq-uEj2oPHEjfQJ1Waqbm0xeHAJ-Foda5T1CLQEB1Ye4H0yLAKNy0isCIsbK6_TYSK6wn7Va0vhwZHmuaRTWgBNKRQnBORxXv6RtPjbcYOAlXq1gjNJBU2C7SSDn_5QhHeuQcd5XNan4j2CRsmf27deNleHxdXSy1dFMhNUScAFpQ5zjzXhmgDtYvk9bHGaEfb-_-y5Ms6RXpCFK40_lY0gVqadDv-8F_5McEyjZ8Z6WLp6GHi4McaOcGY17Bjl0A_44GUNmMaMOcQTpYzQTKfKu1aqtZvhiwHPKgesbdRFiQqPk7uq0rDEF0ywqIq5qOD15uqX7B8lD3QyK62smIkkc4bQF4bCr-MNLdSQOb9uAGPA3FA4Jhil-Zsqvddmft2BFT5IYIVPDNyVAsYk_52_uo_0mBMWFt-NfmlBzIHhQavGbU5UAAWeWDCPu-cPCY-LZXsPEyODYdMUhJBNQerhiYodAWMeriEh-PGZAgcwkaMhfkOLSp9O8NGKZbVdlqCIBjOAIxD9QhZQV7gyqpj81wkgZRBK1P-FBPGrBFq_IqzppIRLmyxHFZi-6CinBvNsMqutYVNFosp8UhZnc_nctFNsKqL5NnxRz3VuaeEfe1nsndeB6F3rmmUwyvTT4wlOb2kZZudX-RO21zZFPTb8mbvJQ3pn8ZEevqN_TZJsFQwXktn9FYX4-btJm4Z0G1HxidYG_MpkeRk678L-g4U_4iJsl-BHsSXlu7Y3asv-czy-cIN8CGK6gQaHmmvMWOEmAgXdE0xmTIuB0_yQ0s7EsIrYF8t20RJ5FnDIDMyDx87JzLW2B6YTI6oND4VJ-NyCzov-CVwjAiKvgC3qwyYSzm-JboeSP2d9cK6Z5MF9m-vZLrq6MDZLIupa7J1T4Cpz2vHbeHOZTsntzhfdOsV2VAG8MDTk0vC6dPgnDXSarKoiSVSSsCvfM0Eyt-G_6G2dRI90SSG15B7POg0f2ND0QF-ZZ4Vs-5BIP9qX5X2uHBdWUUj7nzKgqWQC8B643Jwgcg97sn6w7GHCtcAms7a8IDZ3pOkrhxfetxUlrNUghIBs9KXM-3YV7cbLx95DGaHIV0HcJzA-j_XXYVaFDwcEHH_pcfkBw9FrARDWLWaU7EkYV1vTVysKP9TRFhxsYNUK-fuu1SltlUwEYXiqRmzmlrA_L8DrCrPl8fGkX9viZpBRowKGsgJzpXtMq9o2h686EdGbaeHpymvtrrD-SIbAvqnjiNeSB10bhVg1S-uIwespEChmxn9_MF_Gli7uImaKvvgKznJJcQkWQw_4GRjoM9tkvJnU2fi5Vzxrp_Q6rfNu4qIj1W6p5XPmVKwutwWCMJtGrJ9UQUN9SzpmTkKkVgpmmkx_5LahtvrNl6Bdyr0G2G2FwEjkVGbO9pesFfApNb1a-8GrXLpaKH7WY30rO0K4ptD0Mkq7h-JrpFOPfc-P1TalV3vjDtJYSf731UTI5eXaFB_G-1asmKlMfAAlnk9uQBOJBK-tTjrRwg4mZ5JdiKhjPJRVUQgXx-foXmD9AbsIQZWw__HMBwA7IJLhLJ3bLa4B_nwaPs0AbzvEEKC7sgb3WEDeDLsjAqlJDMi9t4hVnm_MyBmiwjSEDt8pbqfZ9Xwl4-twvjz4YvVFqlzPpOeI7l5ElKnvgqZsOaPCsv7kQROVymLcD_41Fjws8ZvfB6120Yv60eJ2RZ_WcxQXuBEyFCf-VbSVO9DsYsRAfHHzouYvkk5t-lP4HszQ119W7_0sEzv5G-p2H9xhtWg-UJzid0iOkzmMGYgsfnf4Lrq30JKb9NJn4uLwlPnSJPa4GlcLPErrkg9YKvpnG1JQ1NVIv8qO2Qd_S2QgDxkN5MP607_hQDWotoC6P0-5phqAB41Hfmso3_A-lAFmnRTj8a7CU06TtgtHuv9ON1m5Obf3MG-p88Cl18E5MkZeRRsy-Md-56d1rHYm3cEPfc_Fxc8uTBpVozbSl66wB2W2fIJFGDA57Dryi4wbFLLo-El1dKM1wgFUAQQuXkwdKFTCb0srKOGSA7JnA-lS6idGJjpVmugg0JjcivkrFv6Rj3cmlS-vm3OBmVkKODAivIIt16w-xAdP51bFr7FmDVaeqG6hTcOICuglJ4KLx8SIvlm9CCXvpVPjx1PLt7l7UVRsO9B5yKWgC4_JeDIIL_nnwPN5KpympQTwUxBaafwIEU7ruCaX6I3C5ZJMKxBBa13VjcaobD39xQOCg6fhRmTKH9xL9DkQ_unffnd_hb4mndNCR-Y32WE5d2BFL_EVkXbkB19BmwE61N13dX3103pwACdQLzTl1Q_zemqxdLO1-ruygPXUXZ0GUZf0jQ8QQQiF8fRzcMXRL5bBq1IF2kGyyzKn_nunFCC54bir9VbMstb6vZGCQ13ZR8m7O7BCJVe5KT6mhwYIM8jXzpdD6AE-r7I7AJ4tGCGmJGzx_LCEoKeN2XgRaHHDjS9-4pnJPEK1dv2FkvzyEq_H_Oyif-pcGTo-IuF6feYgysA5VjYAJzTOJDGThWs7XaUfsf8l_EWLTyavlVPoL-KaOE6pkMztMQDX6M3mGhZN_rMgv8xEtbI-UYELFr9rEBLBc-EW_N_F5nbX5UW4D0SY3WaXS9RublVCZO35d3JaLbiLkWmQNA6-sJUtLr-vmYl_ogG-j9I5sSgx9BXcgFYUYRC9ugd_unJsKH2gKSJXnZW_geFTX5Bp02S2Ad3B3GAzYjaxWC3U46xXBO4sEXhy0I1a2lDb4QzR93ZZhSleStuUfQiqKonrHM7zzSr_tz5rieHOSwwSdcWZbSOObyMN52CxOP6uvw2yqI0I6kVZmeVl0rm60vCaXDor3Z6tkd3MTCgpItYeHw7Gg9oL6Vvx_gI6hqeIcy7ZRkBygu7cKpry_kTZngVVG-JbuiNEYzKbd1LRZdsVyjaieFCVwgB7FadbeLXAeeA56CcOWCEqn6033kXbMFhZRdI1varFgT_v2gr_CnOs48ktyAQkz1eqLVzY5e4Qpahm7QvZMK1_MXBg2WCNwf7yHcr4bIzlawg1oOHB81FMtDKzrg3r_ItD_yhO4DUbXWZipHKbWYe60bV8VTT0O2a9L2EVmBfdl9Np61I01Y1aJkiNbppUP6ERC5W_fuC0PGnT3MqhvjGuv7j3HPcQK4l6F5hoyDcH4USdNkg58fPsQ1wPeecvrkltyA07wfRLZTVwLJTT6gFjO5g93xPouEQ4dUnvA&cid=CAQSPAAvHhf_4OLjAJSZ1CQ61AOwGCrpj4oCfhHRVpnWfBMqPuK1ENgjVh7EcchqZj0fkfm3a5eNhRP0VOhXiRgB&vpa=auto&vpmute=0&sdkv=h.3.620.1&osd=2&frm=0&vis=1&sdr=1&nel=0&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=3966403247&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.620.1&sid=45FFF6E9-EB4C-49AA-AF7B-EAF95FB81CC2&eid=44752052%2C44768717%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Faubtu.biz%2F20-behind-the-scene-photos%3Futm_source%3DNG20%26utm_medium%3Dngocptn%26utm_campaign%3DJessicaWilson%26utm_term%3DSep%2B29%26utm_content%3DTV%2B%2526%2BMovies%26fbclid%3DIwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw&dlt=1707930684544&idt=13987&dt=1707930700198&ged=ve4_td15_tt1_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
51ce366120570f2b4e5092e9310fc2ee4745660ec5627f4ea3676ca58e410cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18876
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
cdn-edgestorageid
1068
cdn-storageserver
NY-427
cdn-cachedat
10/31/2023 18:59:57
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
353
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
7c7ca75ff3e6f86848c0414b6042bba2
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ft.stat
stat.flashtalking.com/reportV3/ Frame B1CE 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-7467377;4346718;0-310-0-5888165EA0F448-362716302-50x0x0x0
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.8.52 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-8-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Feb 2024 17:11:40 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Wed, 14 Feb 2024 17:11:40 GMT
csi
csi.gstatic.com/ Frame 4C24 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lsm1uagu&c=5591581463296&slotId=2795790731648&ghmsh_eids=44752052%2C44768717%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.620.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lsm1u80s&c=5591581463296&slotId=2795790731648&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-tt1e7nls.c.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r4---sn-tt1e7nls.c.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/acao,ctier,expire,id,ip,ipbits,itag...
358 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-tt1e7nls.c.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84394740E6E4CA96956FB9F9630B812BAD845FCE.11C8661EB34D50603A013BF46D662C50A8B10A4B/key/cms1/cms_redirect/yes/mh/Mr/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nls/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
Requested by
Host: aubtu.biz
URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Protocol
HTTP/1.1
Server
2607:f8b0:400b:6::9 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 17:11:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Feb 2024 19:58:28 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-7853053/7853054
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7853054
Expires
Wed, 14 Feb 2024 17:11:41 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Feb 2024 17:11:40 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-tt1e7nls.c.2mdn.net/videoplayback/id/f824328354ab2cb2/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851352007/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84394740E6E4CA96956FB9F9630B812BAD845FCE.11C8661EB34D50603A013BF46D662C50A8B10A4B/key/cms1/cms_redirect/yes/mh/Mr/mip/2001:4958:1420:151::80/mm/42/mn/sn-tt1e7nls/ms/onc/mt/1707930155/mv/u/mvi/4/pl/36/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
651
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
cdn-edgestorageid
1068
cdn-storageserver
NY-268
cdn-cachedat
01/03/2024 12:41:24
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
4f1106a403bf9e3b36a7e55a225560e3
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
cdn-edgestorageid
845
cdn-storageserver
NY-346
cdn-cachedat
10/31/2023 18:51:57
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
268
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9485b1dbfacaef25a8a95d1baaf2190e
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:40 GMT
cdn-edgestorageid
941
cdn-storageserver
NY-430
cdn-cachedat
11/12/2023 01:02:37
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
a6774e733e46c9ae00bd1ec96fcd176e
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:41 GMT
cdn-edgestorageid
871
cdn-storageserver
NY-430
cdn-cachedat
10/31/2023 18:57:03
cdn-pullzone
829957
content-length
374496
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
47770d670ac2c82f5ed23b10153941b7
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1029:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1029 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aubtu.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:41 GMT
cdn-edgestorageid
940
cdn-storageserver
NY-267
cdn-cachedat
10/31/2023 18:56:58
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-IL1-1029
cdn-fileserver
353
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
64f29afac0812a30d6f2fa802feeab46
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
optimize
c.bannerflow.net/io/api/image/ Frame 1363 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-06e3a9df-af97-43d1-a10a-be97e36ecea9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:41 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:30:01 GMT
api-supported-versions
2.0
server
cloudflare
age
6100
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee864dd43a08-YYZ
content-length
28362
optimize
c.bannerflow.net/io/api/image/ Frame 1363 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F42e23c73-df5f-4e4c-b49b-13903f0d190d.png&w=333&h=308&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-06e3a9df-af97-43d1-a10a-be97e36ecea9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:11:42 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2024 15:30:01 GMT
api-supported-versions
2.0
server
cloudflare
age
6101
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8556ee87980e3a08-YYZ
content-length
28362

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.2551514%3Bsonobi%3D%5BUID%5D

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| _taboola string| $csrf_token function| $ function| jQuery object| adsbygoogle object| unibots function| __tcfapi function| __uspapi function| fbq function| _fbq function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr object| instgrm object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| regeneratorRuntime object| core object| __core-js_shared__ object| TRC function| _typeof object| _tblConsole undefined| msg string| pm_pgtp object| tiktokEmbed object| google_tag_manager function| Hood object| __tblPushGlobals object| _taboola_notifications function| showTBLPushPrompt object| googletag function| onYouTubeIframeAPIReady object| gaGlobal boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| google_sa_impl object| googlefc object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| scritpTestLevel function| switchScript function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmYzMmNjYThhYjNmNDJkOGxvYWRlcl9qcw== string| ZmYzMmNjYThhYjNmNDJkOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents function| __tcfapiui string| GoogleAnalyticsObject function| ga number| taboola_view_id number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| NjY4PXN0NzP3GTQ2D6AxNDY4MjE0NoL7 function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg function| quantserve function| __qc object| ezt string| nam object| placementData object| udm_r3Chunk object| udm_r3 object| _pbjsGlobals object| mnet function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| google_llp boolean| google_plmetrics object| geoData function| checkFrameandInitStartFun function| processData object| gaplugins object| gaData object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack string| key object| defaultKv object| ftSharedObject object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds object| ua_fields object| cmTag function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| _cm_wfCounters number| lnt_z function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray boolean| google_empty_script_included boolean| c262d9cf-c1c7-4a38-aac4-eb6f6a0e30c2 object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals function| io function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| vttjs function| WebVTT function| videojs function| videojsPlaylist object| $jscomp object| canAutoplay function| videojsIma function| videojsContribAds function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_743392 object| closure_lm_342062 function| prepareAdRequest number| kvNum object| vastSplit

108 Cookies

Domain/Path Name / Value
.taboola.com/pawsworld-aubtu/ Name: taboola_session_id
Value: v2_38077d24083c9851412bbb5f210898b7_ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0_1707930688_1707930688_CNawjgYQ0-FVGNO36MTaMSABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABoydnjgLWAosvLAXAB
.bit.ly/ Name: _bit
Value: o1ehbn-7310f4cdf84299fba1-00u
cdn.taboola.com/ Name: abLdr
Value: 25
.aubtu.biz/ Name: _fbc
Value: fb.1.1707930688040.IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
.aubtu.biz/ Name: _fbp
Value: fb.1.1707930688046.800599626
.udmserve.net/ Name: dt
Value: 31BBA7E7-5316-39A5-B745-BA2CC53603B2
.aubtu.biz/ Name: _ga_0NE7QEYY49
Value: GS1.1.1707930688.1.0.1707930688.0.0.0
.aubtu.biz/ Name: _ga_E0V1KFEERL
Value: GS1.1.1707930688.1.0.1707930688.0.0.0
.casalemedia.com/ Name: CMID
Value: Zcz0QEt3ueYAAHrMAD2kMAAA
.casalemedia.com/ Name: CMPS
Value: 1298
.casalemedia.com/ Name: CMPRO
Value: 1298
.adnxs.com/ Name: XANDR_PANID
Value: V7B397dzd9-v5N4lDP_xQEjwiZBWlEuuv9Cjy_pZpOlwtXeSA3ZXs4uaY8BUOz9dgpb4-yQv6K6I3tQVwAf_l5PpQJSG5b6-oEmlxVDSAZ0.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5976599867382856814
.yahoo.com/ Name: A3
Value: d=AQABBED0zGUCEIJE13lE4AqlCABlcSSyr5EFEgEBAQFFzmXWZdxZ0iMA_eMAAA&S=AQAAAgtWdRnkYjN3qsZrbSKZG-M
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.aubtu.biz/ Name: __gads
Value: ID=b99c8ed4c5daff5b:T=1707930688:RT=1707930688:S=ALNI_MbVpjVcSv6jos1zUGXxwsxg5M_Jcg
.aubtu.biz/ Name: __gpi
Value: UID=00000dc9e202fe3e:T=1707930688:RT=1707930688:S=ALNI_MZQGpNw2p3IZX7ddAmDhOU5SUjwqA
.aubtu.biz/ Name: __eoi
Value: ID=4295381e01ebf362:T=1707930688:RT=1707930688:S=AA-AfjbDMjyU_n5jOunxFEwz0f1E
.taboola.com/ Name: t_gid
Value: ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0
.taboola.com/ Name: t_pt_gid
Value: ac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.taboola.com/ Name: datadome
Value: LMFx2RA4W4UTVYQJSvlZCNQJI0l~13GfVuBlWAxLdtEtrGavamddawsVQ7M2yP8RfrelPd1P95X3WYmqmcfAGBcGlZ_RWQhtSvxR_lVz_jygm0AzufT9VqVTOUVVBt83
.udmserve.net/ Name: apnid
Value: 5976599867382856814
aubtu.biz/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dac7d1ed9-0780-4027-8f8b-a429e715a1c0-tuctcc679c0
.pubmatic.com/ Name: SyncRTB3
Value: 1709078400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 29CFB2CA-6238-497B-82E9-A73031A5A44E
.udmserve.net/ Name: yahoo
Value: y-RSfgsm9E2uIeXm.g0VtDmG8_w8lNb1ib~A
aubtu.biz/ Name: udmsrc
Value: %7B%22utm_source%22%3A%22NG20%22%2C%22utm_medium%22%3A%22ngocptn%22%2C%22utm_campaign%22%3A%22JessicaWilson%22%2C%22utm_term%22%3A%22Sep+29%22%2C%22utm_content%22%3A%22TV+%26+Movies%22%7D
aubtu.biz/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.aubtu.biz/ Name: _sharedid
Value: 6d5fd495-6f00-49cd-8f8d-3f14c0c7aa3c
.doubleclick.net/ Name: IDE
Value: AHWqTUlT65meQdckPsKm7EW93h4FoSBFL8Yxtq3_zbYfc33vTP5sqmk9fM-BT5FN-Lo
.mgid.com/ Name: lmg_usr
Value: 1f54ee41-59ba-4aca-996c-b816f5ae1777
.mgid.com/ Name: lmg_r
Value: 24
.technoratimedia.com/ Name: tads_uidp_37
Value: 06a9aec3-bd5d-3cdf-b2a0-854c9ff7aa4e
.technoratimedia.com/ Name: tads_uidp_46
Value: 5647226842134259221
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAFzLSaVicp9QN7nZRfAAAAAAA
.technoratimedia.com/ Name: tads_uidp_62
Value: 3509117607045036000V10
.technoratimedia.com/ Name: tads_uidp_73
Value: AAHv107LmbwAABJhpflCgQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-67b726b9-255e-4a11-a92f-42c2d101e344-005
.technoratimedia.com/ Name: tads_uidp_79
Value: bd294cb3-874c-4933-a0f3-f861f757275a
.technoratimedia.com/ Name: tads_uidp_82
Value: Zcx1PNHM6NEAADtoACFJfQAA&3457
.technoratimedia.com/ Name: tads_uidp_88
Value: 1030097094194002809301
.technoratimedia.com/ Name: tads_uid
Value: 54474B5AF93641A18151A055347AB42C
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240212020128+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.udmserve.net/ Name: mgid
Value: 1f54ee41-59ba-4aca-996c-b816f5ae1777
.adnxs.com/ Name: icu
Value: ChkI8vGJARAKGAEgASgBMMHos64GOAFAAUgBEMHos64GGAA.
.udmserve.net/ Name: sncr
Value: 54474B5AF93641A18151A055347AB42C
.aubtu.biz/ Name: _gid
Value: GA1.2.807004243.1707930690
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.aubtu.biz/ Name: _gat_gtag_UA_153122571_11
Value: 1
.aubtu.biz/ Name: _gat_gtag_UA_138655475_60
Value: 1
.aubtu.biz/ Name: _gat_gtag_UA_276513175_1
Value: 1
.udmserve.net/ Name: magid
Value: LSM1U2LG-27-BO6V
.aubtu.biz/ Name: _ht_v
Value: 1707930690.8403967611
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: V
Value: CD8sOeM2uDXX
.contextweb.com/ Name: wf
Value: 0
.contextweb.com/ Name: ccpa
Value: 1---
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.openx.net/ Name: i
Value: 6d5fd495-6f00-49cd-8f8d-3f14c0c7aa3c|1707930690
.rubiconproject.com/ Name: khaos
Value: LSM1U2YM-1P-KT9Z
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcK1HAd5PMRadjp6X1XS67N80UiJJiqwnveZbUwNp6r8ns/yDPVoBV1azsfLX/PlklNIHHY/eKfzM0umTAM8NrywIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.prebid.a-mo.net/ Name: __amc
Value: 1_1707930690_1707930690
.a-mo.net/ Name: amuid2
Value: 5a917e9e-a412-450b-b8b4-7c7d8a2b1458
.prebid.a-mo.net/ Name: sd_amuid2
Value: 5a917e9e-a412-450b-b8b4-7c7d8a2b1458
aubtu.biz/ Name: udm_edge_floater_fcap
Value: %5B1707930690838%5D
aubtu.biz/ Name: udm_session
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi42rsXesWyN3Gi1wcIJHII69iWRQqP_T2zKM9y4mOopXfCo8g
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5888165EA0F448"
aubtu.biz/ Name: XSRF-TOKEN
Value: eyJpdiI6IlN2ZDgwM1pudS90SGNSWm9TUk9HZ2c9PSIsInZhbHVlIjoiS3BMbHhTYzVyVGMyOHpKTHd1OWg0VnVzOVQ4aVArN2JtVzhtNXh1R3BkRmE5VlZCSWQ2ZENxSG1SQy8wZ3J0ZlluMHcwV0pMRitQZ1hKVVZORTVrc2hqaHpKaGIvMXJVMktON0pWcUo0VTM1TnB5RUNvZUwrblBENVhsZmhaeXUiLCJtYWMiOiI5YWMxNmE0MThiZDU4YzE3ZDA1YzNhNDQzMDFhZDc3YWRjZTVjOWI0YWRjZjVjNTk5ZmViMjRhMjA2N2RiMzk5IiwidGFnIjoiIn0%3D
aubtu.biz/ Name: aubtu_session
Value: eyJpdiI6IkRoWDY1bWE0bjVBS1JaQkYrRFFmV2c9PSIsInZhbHVlIjoicng0THRnNXlGVzlyNEFSYWhTaW9lWitOS3dOWEZBK3E0SmpHOENjRzBTMEZkY0EwaFlGUUE0czFIREVLeEYvQlByVkU5Mk83SHZuUGpRSnhGN2VxbEhqelJCQm1yTHRqOU9yMnVhNExWOEpUNHFxdWJ2bFRUMHh6WHl0S1Yxc1giLCJtYWMiOiJiNTgyNGM5OTc1OTZhN2MxYTE4YzZiM2Q2ZjdhN2Y4ODE0YzViM2RkNmY0MWQ0OWI1ZjQ3ZGI3NGU2YmZiZjFjIiwidGFnIjoiIn0%3D
.udmserve.net/ Name: pmid
Value: 29CFB2CA-6238-497B-82E9-A73031A5A44E
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.aubtu.biz/ Name: _ht_s
Value: 1707930690.3
.sharethis.com/ Name: __stid
Value: ZGAADWXM9EUAAAAIB6imAw==
.sharethis.com/ Name: __stidv
Value: 2
.udmserve.net/ Name: udmts
Value: 1707930693.0
.udmserve.net/ Name: geode
Value: "63832698693:166.0.205.80:124:C1660:D124462:S65:ca:montreal:ZZ:h3h 0a1:wired:hosting:?"
.aubtu.biz/ Name: fpestid
Value: iAX6A6YACtpaLjGhSlUobLAvtxZzc5Vxa4Es55zc-Tp0ef8WW2rIOavBMW6CBf_DriubxQ
.aubtu.biz/ Name: connectId
Value: %7B%22puid%22%3A%2222ae3bf3fabb796e4316956d7b9a4c1a9bec1fea839983f549fd8446f9d8f0ed%22%2C%22vmuid%22%3A%22y42TgDbdhBKxBuxPi9y1Fif5sMApHnOrvD4JxRd3k9E4eEgBFgTP5Qm8jkRKsEO4tLtqdYYRjhILadZF3eHJGA%22%2C%22connectid%22%3A%22y42TgDbdhBKxBuxPi9y1Fif5sMApHnOrvD4JxRd3k9E4eEgBFgTP5Qm8jkRKsEO4tLtqdYYRjhILadZF3eHJGA%22%2C%22connectId%22%3A%22y42TgDbdhBKxBuxPi9y1Fif5sMApHnOrvD4JxRd3k9E4eEgBFgTP5Qm8jkRKsEO4tLtqdYYRjhILadZF3eHJGA%22%2C%22ttl%22%3A24%2C%22lastSynced%22%3A1707930694081%2C%22lastUsed%22%3A1707930694081%7D
.aubtu.biz/ Name: _ga_YRNMJ55HGC
Value: GS1.1.1707930687.1.0.1707930694.0.0.0
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: be8f4702-1c90-4978-860e-bd2d2fbd9362
aubtu.biz/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22be8f4702-1c90-4978-860e-bd2d2fbd9362%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-02-14T17%3A11%3A34%22%7D
.quantserve.com/ Name: mc
Value: 65ccf446-e65a7-2baf6-a4a91
.aubtu.biz/ Name: __qca
Value: P0-1473472514-1707930688965
.aubtu.biz/ Name: FCNEC
Value: %5B%5B%22AKsRol_ePbCS-TgRYCSQuBLLDRJ1RbriXdZxOIfeS6GjPJG4jWOIzrY_qTZ4jyPiAqPaUhhKfTHRt4FiQdqrvtksZfRuHyCQCPUfnaRoHAXITw3bImIU202sTyihnRn-EyD3xNWibdZvZhdWRgGWchXn_P49dKKUBw%3D%3D%22%5D%5D
.flashtalking.com/ Name: _D9J
Value: ba0985d5377e4d73b80fe7b984d7df19
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1707930696178
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwji8v601-LWPBAFOAFaBzFoMXkxYTdgAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: "19di~2gr5:19b8~2gr5"
.ml314.com/ Name: pi
Value: 3642068995841458201
.eyeota.net/ Name: mako_uid
Value: 18da89a3bb8-9490000010a49de
.eyeota.net/ Name: SERVERID
Value: 18910~DM
.exelator.com/ Name: EE
Value: "f16b5db66b0382616e44e3fbd49c5beb"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: cc703b56ea1a620c27d3afc02da921bc
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHN0CzJNCXJzCzJwNjCyMzQLNXEJNU4LSnFxDLZNCk1aXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIcEl%252BUWb6ImfHxUUpaQyLSopPBR%252B74gsAvV4q1A%253D%253D"
.rlcdn.com/ Name: rlas3
Value: Nf8fuJIenuSti4BXmioXh61RXvJlazmzYJO37lTMHNg=
.rlcdn.com/ Name: pxrc
Value: CMnos64GEgUI6AcQABIFCNtOEAA=
.aubtu.biz/ Name: _ga_XXJ8PP2E8P
Value: GS1.1.1707930698.1.0.1707930698.0.0.0
.aubtu.biz/ Name: _ga
Value: GA1.1.130507260.1707930688

421 Console Messages

Source Level URL
Text
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/664671111664184?v=2.9.145&r=stable&domain=aubtu.biz&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://bid.underdog.media/udm-r3_v2.23.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
Failed to create WebGPU Context Provider
javascript info URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g&tid=6812&l1=193398&l2=GeniusSports&l3=7467377&l4=4346718&l5=&l6=&utid=AEF2181C-544B-97B3-391A-12E61F48F1F3&creative_type=display&adid=ftdiv7467377&pub_app=&pub_domain=&uid=&cb=238998.7549389062&pub_ts=1705942272&306487240(Line 1)
Message:
Failed to create WebGPU Context Provider
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 510)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://aubtu.biz/20-behind-the-scene-photos?utm_source=NG20&utm_medium=ngocptn&utm_campaign=JessicaWilson&utm_term=Sep+29&utm_content=TV+%26+Movies&fbclid=IwAR0whCDrdIa0HKwlZLNOlv6RYcsW0qzZMtczDlqbt70f7GO92tic-zocZjw
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
api.unibots.in
aubtu.biz
bcp.crwdcntrl.net
beacon.taboola.com
bid.contextweb.com
bid.g.doubleclick.net
bid.underdog.media
bidder.criteo.com
bit.ly
buttons-config.sharethis.com
c.bannerflow.net
cdn.adnxs.com
cdn.flashtalking.com
cdn.ocmtag.com
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cdnjs.cloudflare.com
cds.taboola.com
ch-trc-events.taboola.com
cm-x.mgid.com
cm.g.doubleclick.net
cmp.inmobi.com
cms.analytics.yahoo.com
connect.facebook.net
csi.gstatic.com
d9.flashtalking.com
data.ad-score.com
embed.reddit.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprnjmp.taboola.com
js.ad-score.com
l.sharethis.com
lexicon.33across.com
loadus.exelator.com
match.adsrvr.org
ml314.com
nym1-ib.adnxs.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-us-west.rubiconproject.com
pixel.quantserve.com
platform-api.sharethis.com
platform-cdn.sharethis.com
platform.twitter.com
pm-widget.taboola.com
prebid.a-mo.net
prebid.media.net
pro.ip-api.com
ps.eyeota.net
pubads.g.doubleclick.net
r4---sn-tt1e7nls.c.2mdn.net
r4---sn-tt1e7nlz.c.2mdn.net
rules.quantcount.com
s0.2mdn.net
sdk.ocmhood.com
secure.adnxs.com
secure.flashtalking.com
secure.quantserve.com
servedby.flashtalking.com
sf16-website-login.neutral.ttwstatic.com
socket.unibots.in
ssc.33across.com
ssl.connextra.com
ssum-sec.casalemedia.com
stat.flashtalking.com
stats.g.doubleclick.net
stream.unibotscdn.com
sync.go.sonobi.com
sync.sharethis.com
sync.technoratimedia.com
syndication.twitter.com
t.ocmhood.com
t.sharethis.com
tpc.googlesyndication.com
trc.taboola.com
udmserve.net
underdogmedia-d.openx.net
unibots.b-cdn.net
ups.analytics.yahoo.com
us-match.taboola.com
us-vid-events.taboola.com
vidstat.taboola.com
vjs.zencdn.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.instagram.com
www.tiktok.com
sync.go.sonobi.com
104.244.42.8
104.36.113.110
104.36.113.111
13.224.214.118
13.224.214.58
13.224.214.91
130.211.115.4
141.226.124.48
141.226.224.32
141.226.224.48
146.75.36.157
147.28.129.37
15.197.193.217
151.101.1.108
151.101.1.140
151.101.1.44
151.101.193.44
162.248.18.37
170.187.252.201
172.104.206.52
172.253.115.155
172.253.122.148
172.253.122.156
172.64.151.101
18.222.52.200
18.238.4.9
198.148.27.131
208.95.112.2
23.1.197.91
23.21.160.120
23.215.0.17
23.222.12.49
23.48.104.81
23.48.8.52
23.58.225.215
2400:52e0:1a00::1029:1
2400:52e0:1a00::1067:1
2400:52e0:1a00::718:1
2600:9000:20ed:d800:5:c4ab:c3c0:93a1
2600:9000:20ed:e800:1d:85c3:6640:93a1
2600:9000:25c8:3400:a:deb0:3380:93a1
2600:9000:25c8:5800:6:44e3:f8c0:93a1
2600:9000:25c8:d400:1b:cadc:ef40:93a1
2602:803:c002:200::32
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:20::681a:6e4
2606:4700:20::681a:7e4
2606:4700:20::681a:dd6
2606:4700:3034::6815:513
2606:4700::6811:190e
2606:4700::6811:ca6e
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::95
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::65
2607:f8b0:4004:c09::93
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1d::9d
2607:f8b0:400b:6::9
2607:f8b0:400b:7::9
2607:f8b0:4012:809::2003
2620:100:a001::c
2620:116:800b:21:c1e8:5385:5098:6bf0
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a03:2880:f203:e5:face:b00c:0:4420
2a04:4e42:600::729
3.134.24.173
3.14.137.50
3.233.22.19
34.117.77.79
34.120.63.153
34.149.20.76
34.200.65.202
34.98.64.218
35.244.154.8
35.244.193.51
44.206.112.94
44.238.141.43
67.199.150.87
67.199.248.10
68.67.161.208
68.71.249.118
74.119.119.129
8.2.110.161
8.39.36.141
00e877f3c7aeb6c8d7943cf476bcd116310821e843da5d4eb8f0c6bed92b8556
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
055dbf3aa578627e5863b7d2afbfbb4b903e0c1485cbaabc404f9ed47c6da3a7
0b27d34226cc692a7d586e6371204cfb33d9a603fc42f7f0e82d74586bad320b
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c0a9ea12a31459021f547029060b7edda447d4ca0b6fdcb4621965f2e995bc1
0ccf317a671f2a302308208462181077cf964f37540f3cdc5e2f1b4d01d879c4
0fd1a3ee39b854a12c5831a4465763e2db54524ab2f81dbbd0933c93333cda67
104e0c0ae702e5f793ca14f311ea4ca6045f54e4e341fc8057877e1f4ec6ae0a
10ec534a3066956a91ba42ebaaf02f3ff1f933ce3cc387c3e0a07c910f98c22e
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
11c4605115c3f94c799652950f0385338c17c34fb1c1bc33f0ac447bbc458f7d
127f0f4a142de6eb98c8372b42114331ad239ba656edc959f07fc0f3baf4bc35
128807e382b2823b22c893c3c363e358dc8ab839062af7550cbfae790ea5c7ae
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1326ec9f555d7110f760f8bce30b6d0ca27ea10a1f953a727d73bffd945de7fc
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
176d61cae564e04654ef56ff8644b0b87289f80af65f4a6168e0687c9702fa24
17930c39a121263bf0bf86d5a585d444f689d7f9c952f9ac0cf7bfe7cbc6d898
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1810599ae6f90c490cb7d6b60b4b25314ddcc36e260f6564e03c665f506fcb1d
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a7085cbb434f1a55934b91e973b0601dcf8a63572639d7f87db23131c6c756c
1ab8decd2652f344638ca63854d6b3571dee5534076c9d4fc5954306fd40ca41
1bdb8afc29fe9b29e5aa5465faad34e40f9355a05a1fe20e7ecfaf709ee8f233
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e17103af4adc7602c2bef81ef6a45f83b558713d22d86a488f1a3b6ff0aaee5
1f0cad624cbb2c272ccc7852ae9a4aeade8af3c583aac91a8055cfa8ae47af8c
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20733a4b7a7b865ae6f20a13bef08fb7741c618c862d9b239d56e1d3fe792c32
20aa9d8cb4f435f12cae4404fd6f26e0c9f73ca45207a295bfbe0e7333afd4ed
20db9f44d2c21673244ab85bf97ad1864ec6aaf63927464d3cb30960760e192e
2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048
237eef813202c49c70ff131c7af8b1c37c0f8614f5d0ea9ebdde22e15cad8942
23812654c272bc61f612225e8d7ed0fca6bb5533d4fec3887bced90f8f7e65e7
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2b3b45491bebb5a752c2119c376e876d93ac7576d0bd913adcc24f210ad18aa8
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2b7d3d5839d3c7b752a3e71aa4d50f3335015265bd64e15c80684020aac63882
2ba1d3fb4f52891d8df2c65ef642cb52f2657235f6d7ac7c4b015773a4bcaebb
2da5e0a4637e412b237d8a941f6800b3748cbdc969402c1cac8d3174e43d597e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c4343041d1e971ce75d38c53741a58f5e8b2c5dfb6b3e23b1b8f19bc9a2b20a
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41302216961daa6224bd5ccec5fd946ebf26cd1685e6911c02ae75703e480ea8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
44cf9986188524d6865217bc88d034930fbd0945db4086c251caaa0486ab8479
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
467d3166ac18fd493d20fd168128d5bf07189398af1b698363549dae467c362e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
486ac1c74d1a2d3b7d0af9377dd58e498439bd478f1b5d88bc3dcc5fdd0298e4
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a3f91004dd23dad8c7f4885200c8a5fd80504b7d4b51c26e20f49a48d030402
4bb4b640d1688934d0ace6bfa7931c5e2f72d582c63e4815964d77bb4c4c8d96
4cc96f24c8f3f9ea8df7a3fac5f862530625198361789a3c97fb46e1c0e7b272
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4f75eae206de7f9455cc35dd08e252a381cb5237c9de625992ab3223683b2970
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
50b7a6646c21d2ead8c6d66a8236173109136b24e329650cbefdc6a26539c4ec
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1
51ce366120570f2b4e5092e9310fc2ee4745660ec5627f4ea3676ca58e410cf8
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
52b7acfc26504574f0efa509579d54ada9833a8d934da4545d1a8cd1640f463a
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
53204067e4480cd48452851810064e68acb7c7c1027c0d43bed74d6f291849e0
532584b26d9fe644c6aaa11b13a0eb1ee98ffb6a38978255b2a98163dbb0e789
54913be8026053208de0892dad4b1074e037df14febbb277c929eb907f52e4cc
55d6c3f957a460b764388ec4149862ecb8a9ef0fcff9665cb8b1e412528aa9af
56375843c5404aa4d4f757dc49aa63d191fee16bf806c594ab5be4781e793681
58e299f72494c4f59a2d35594612a07a3e1e75a83579512773c6ef8d4a13bde0
5958ab789b2bfbd3e07ff776ede58598de0f8fc62f46a01c763480bbb5b0b650
5a3043143dd7e73c568e6ab46e009e2242cf9344de8689bc62131266864cd8ad
5af76b8c97acd66d2de3534bda06f5bee64f1bcc2474c96f460a7e67318d0322
5baccfd571abd5e5884066c487b815694250f555a2a8ab2b192d6acb7e85df24
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e5280f5bd5f4e1d1908201cdf0bf200e6eb1d3a1b850d3c3c66bbf4f385cd1
6295dd65726503036a4ebc989d4cfc73e73f7e1bde4274e523d3525442669795
62eefdb70cb6728f0f3cd4b84920e0f835420ee91967dcb61b8350f30c4f2671
644f6a23096041fbc24d6e80f10c23757f7a4d10d91c82ef164f4f61f2b55199
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
6784bb37655c673d630305efa22397e439f6c6b4b846ad7cb14daad00fedd16c
67900ebbc293090186ae226a196379ae51a6e173ad4bfd8b8f63db7adde74a8f
68472deb2f20312c692efb85b94f6de29b7ecbc5d554016fe267c4b6d20175e7
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6a21907ca6d0f36dd28404106c1e811de6662c8f2e009c55bc9ff11b9946d2ac
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba83b26dede7e2161a4dae0cf9babf33acd1b29cdc12748bf2ecdaa2d3f16a7
6d275b5f9293c043be9edcabd91840660933bd0e4226694a803c3c505cfcce8b
6d899820faeebab057811f6827269af0289d0e2b7f3b7410c253933704155f35
6faf5b4c5741eb6f6452815b7eec5d193dfa88e859969cf1c1ba06bc48b1c4e0
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70cce706b0ed693542b2a2570b6eaeda2ac15037e50494a179c6de56be0bf22e
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
72062a13f7c3b81d15253bd33ffcc6b61090372cc405e621adc7458613cec7f8
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77a0cb3657198fe84cd7e35701eed9aa61ceab2fc36cd8cef930c833939de1c9
7d760d29fb558ccc5bc965a3a7cfee2b0634d2d7f5f286e20a7b19ed48fbfef6
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
869dbf213c53f05ca45d1c99d51bb00e6924671f01e036cd48194412e254e0c9
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
88edeb0da79da2ee0a1c7a42eaa5ea314965319d967c439b3e9c4eda2b1c010b
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f
8c40ba50e863c43ab12a9f249119205e66a688e943b32dc8d2f07f170ebf6c76
8cbfd50bd7880b1e61afcfd57a9ab77a4b6182db7d0409b4c6faf87dfdc9d533
8d85304f3f6ec4e79db5aa5c63bad5133760453a279223862a6d1ca36df29e3b
8da0e4480f4de59c40160daf8d6dfc960f90d47e27c205214ccf8f2e7073e819
8e7685c9817b088508b635cc43658ba61232218764168690499825ee72f0646b
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8ef96539cd24f4ee5f783f4c4c5299d42a8cead58ccd6bf600bd31cd1ba315fe
907c7c3cc61d1160481c1f4a9fcad333e4650a06baf38eb5ad57769d6de05794
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
913c656964ae440b6b05d8faa7212450d9b90bf5c6f968f474c6fe2692c891e1
91c53f7a804716a16d131556c09efa816bb33aa8826e6255a79639d03e2f16b0
922d4da282d293c336566051f41dae7816887614c45bced7a20fd4648f0b5180
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
92ac63b055a0172465a68175250e5675b215a83733c116221f5785abe552c256
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94b3b8a89a5a798415361b640e2bf5b8df784c3e3589a865ef31710e8d6d0314
9586c19cca11c7afffb900a4e40913da55cebac5f33059a766b46234a76fe9b2
960c6e77d21e67edf35d4089c31f5f668576440998dd13f8e02bc9609776d360
961b4ecddf097e8aafabb2e61ed2d652cbbd5eafb4b92f2e4e68e493ef71fad3
9657dc7a04f3ead67af9ef8277314e52acdcc932fb655b485d0d77aafb603853
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9878481b8acfa8e5318556717220f80fb5bdba2151d63ccc9b0b485156ac723d
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
9a4f01c2a29ea820354570fb8b9b457ccfff422a40509dc96e318b46788f1277
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bf0a61b4a6ea675667797f8451a7d3f0384a6dc1b7d7986a5e2541acb503953
9d4133d08a5cec0998522a7160c5ed8866415d4349616a96447ed5d54126ba61
a040fa43a3d290f5836b4310aa18a1933fb5e4df24005a6a0741c9e9789a9756
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a220277de8b31c861ef662f6ed07432996bf17a8841e19b03c7a6ca684dd7b9b
a2290d3e896927e562689f28fac313e1d30bf137ce7a1018428ebbeec7671e38
a365544c88ea14f136651c4331313b926f76259ae31424028c9d3ac1023655e2
a4c3d3313a78c50dc7cb741cd059d9caa9b7dcdbdee7576477b41d013417dc6f
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a6992ecd8240bf68c6e363a53b3ea14a2b21377ad18bc8637342295a07d3ede0
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7cd9464b53b67e8af97224898bc022e4384a964dfa55ea7223c1eae8457eca0
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a809a030c337778e2a789c66dd7d1b08419dd344f7944912c215a16163e10a0d
ab3b15e47d62b085e3e6b2f258e8d7d124908ea733f5a0a8ec51fe5a189ccbe5
ab8fb747eac860bea762e211ee09a0c842e90b20ac38a3f32c2384404eefc550
af661747e1e16baf44ab1687ae16a5bd53e09dc39f110beb2e4532782f2c5047
afdb7da70cadb7f081878a3df33f1634c2542cf54ac71bc0e3da76530b6e75ca
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3371d96ed7848b7969db5a444ceca733582737e0a4da79db081ac82a7c89964
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b4a66f998616744d49369711c67a0567aeafc62d9f0edac92d2ba2a42141be6c
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b98a011e7c6eaa8735de070567d5061ece01f886e8123808f8cb5f0b6cb8ed51
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bbf0d9a345da69fe11f46ad813bf6f9c55afb752b7ca38b299d7e19ac61dfff6
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bebb89f30c2f5181121c216e49dacbad95bf4e4864927466a5d72195f7848f72
bf9062e31835b30bd5fa9a38d421f81067064560a442a054c3a1875dc043210f
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c544fd959e80136cd60d9821bdf2a5b47111f6ac4f730e0a5835fb4a580b8fca
c61c050678dd8b3f4a7a9ed2f522bdef895d70837e012a83612cdd94a8702a64
c663114080bba9f6351e06ed7c9612113c1cb37f304d3d841bb56c002ba9e73f
c7a25587c4535482dba7e7a3a490e4edddcde435aa5a6d9d0fbf8aafa477498a
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce095675ea5298dfa1fb4f00b865391dbc8e11fba004bb46d7c21bbc2e36776c
cf530e82b09fa5e1f6d346ce80303378ae78b94cbfc10103102c40b05e386c81
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d2ec1c907004fb1a0d9ade9e9f5d3b19efb55a0319dbaadaea734d86cb5e4c66
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d8701c8bb320cb852d02c0272620a515ec1df8fd3f7dffefa3ff5169436d9499
da83a786f931dde4581ab5d39b68a10231f7112888835abb1f886ae50cdfdee9
da9a371abab0efdb74bba17c74b0a5f7262a8ee65f839c2e538a780284b383ed
dac7d269de1b7c588aed44c9d137ff62b10717e1521b820e5bc4c8a089fa9879
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
db17c6869684741a1d70cb30833b79a94d6f2c34757bb7bba6c639a073701b5f
db1f07780b354d90ea4ca451002c2dda669a3a5bc3f8e8b00b96b13d1494e5ba
db4bdf46141153dfa28b138dd6d2719e5fd4226acd66c505616e705d4ce080a4
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49
dcf15565e7d95f4703c19d855d0b8c38e78a90cee6a8a26377432682ef1b5eab
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
ddf292f788bdbd0c3efa85eddf4deebf608a7de8aa307726719d068dba343bb1
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e66ee1b1e9274e0cc51176c8532dc781a5507bf6c4841fb6c9b591fb27b9b5c2
e83171a76657083b9eb66e41f1fec53bf3b30fb9a15c9b9603f7ed21e3d2a6e7
e9308cefd74c19c346b7e271c3f8addd5219d95d8102c80b0a9a8948c7daf165
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eac030737510451f6c3950ae4a2e62babbcfa3e0b75c43790eb13dabbe3d83a6
eb3ce3cc92fd81cbc082e65f36f1eb6573058b73ec7e7521348d55a3277ce42a
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed352d20fba52e6b09d1b464e5c094d8792b46bff4f79e1a6daa521cd56e42be
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f22182dfb4c2f9d9afb123ddfc54ebc9111a521d9d0b4e66045a8cc0f6df742d
f29cefba8974cb6bf2dba370c7def20c4cd019b0c1948397281c75258aa8ecba
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c4ceaad6c0ded853185db4611bada262bc41f5e126e6af3a0e2476617201e7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6a48eaca7d5a5d7b0e32ddb97d844467720411226437af2ce253d199138dc88
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fa4fef16a9b433ca0fb15659d1a9cbb0070a13a9cb2983852fd9c5e5e6e4c9b4
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbd6efbcce4ece6b3566e2c27b17c7f8cc43fe7ed5d4bb983d50259c045e719a